Service Auditor Reporting
Outsourcing is a growing trend and companies increasingly depend on third-party providers to deliver critical services. Ten years ago only one or two major third party services providers may have been used for a limited number of companies outsourcing core operations (e.g. payroll or pension administration) but now organisations often depend on many providers to deliver any number of services. Consequently service providers (or third party providers) are looking to provide their customers, and their customers’ auditors, with an understanding of controls in place at the service provider and, in certain instances, evidence to determine whether controls over the outsourced service at the service provider are effective.
Although the marketplace is comfortable with the SAS70 reporting format, there are alternative types of reports, and the reports that can be used going forward are changing in June 2011 under the largest change in Service Auditor Reporting in recent memory.
The International Auditing and Assurance Standards Board (IAASB) issued a new international standard for engagements to report on controls at service organisations. At the same time the American Institute of Certified Public Accountants (AICPA) have replaced the SAS 70. While the standards drafted by the IAASB and AICPA are not significantly different from each other, nor from the present standard, they do present some changes from SAS 70 that may prove challenging for some service organisations.
How Deloitte can help
- We have specifically trained teams that are geographically spread throughout our offices in the UK and experience in leading global teams that are providing suites of reports in multiples countries and continents to a single global client.
- With the changes in core standards and new standards available, we have prepared various materials and methodologies to help service providers adopt or transition to the new standards. Key in this development is one of our Senior Partners who sits on the panel within the ICAEW which has written the AAF 01/06 and its updates. He also sits on the international consultation panel which created the new international standard, the ISAE3402. This panel was also part of iterative consultation through joint working parties over the creation of the new American standard, the SSAE16.
- We can explain the differences between the reports, support the decision making process for selecting the correct report for a service provider and also assist in the transition from one reporting framework to another.
Share this page
© 2013 Deloitte LLP. All rights reserved. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity.
Please see About Deloitte for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its Member Firms. View our accessibility statement.
