SERVICE AUDITS Flashcards
What is a service audit
auditor audits a specific service department such as payroll
Two types of service reports
1
2
1 - Fairness and suitable design on IC
Disclaimer of opinion because not reporting on effectiveness
Other auditors can rely on
RESTRICTED IN USE
2 - Same as a type one but also provides an opinion on the effectiveness of IC
TYPE 1 REPORT
(1) a title that includes the word independent;
(2) an addressee;
(3) identification of management’s description of the system;
(4) a reference to management’s assertion and a statement of management’s responsibility for the controls;
(5) a statement that the service auditor’s responsibility is to express an opinion on the fairness of management’s description of the system and the suitability of the design of the controls in meeting the objectives;
(6) a statement that the report was conducted in accordance with the AICPA attestation standards;
(7) a statement that the service auditor did not test the effectiveness of the controls;
(8) statements about the scope of the service auditor’s procedures;
(9) a statement about the inherent limitations of controls; (10) an opinion on whether, in all material respects, management’s description of the system is fairly stated and whether the controls are suitably designed;
(11) a statement restricting the use of the report to management of the service organization and user entities;
(12) the date of the report; and
(13) the name, city, and state of the service auditor.
INTERGRATED APPROACH
1 - Statement level by understanding the risks of internal control
2 - preforms a top-down approach (entity-level controls to individual accounts)
SOX Section 404(INTERNAL RULE) requires issuers annual report in regards to IC
management asserts that IC is functional
over 75million in equity independent auditor is required to ASSERT
THOSE CHARGED W/ GOVERNANCE
BOARD
