Hiring an independent service auditor to perform the review allows the organisation to be subjected to just one internal controls audit. Upon completion, the report is distributed to the service organisation’s users so that their auditors may rely upon its opinion and findings and subsequently limit or eliminate additional substantive audit procedures. It can help:
With the recent heightened awareness to operational risk management, more and more clients of service organisations are requesting a service organisation control report to provide comfort over the processing control. The benefits are:
ISAE 3402/SSAE 16 reports provide management with greater comfort over the organisation environment and a basis for reliance on controls mitigating your (and your clients') risks with a focus on financial reporting.
Management can use ISAE 3402/SSAE 16 reports to provide employees with key information about the organisation and how transactions are processed as well as providing with a better understanding of the global objectives of the business and foster control discipline across organisation over control environment soundness.
ISAE 3402/SSAE 16 reports provide management with an independent assessment of the control procedures’ adequacy and `reasonable assurance´ over the processing control environment operating effectiveness that impacts user entities’ internal control over financial reporting.
It illustrates the positive effects of properly functioning and articulated control environment to an organisation’s senior management and can assist to reduce the likelihood of unwanted surprises: