1-866-805-6312
For Public Companies
Revenue Recognition
Revenue Recognition
Read more white papers
5 Steps to Turnaround
5 Steps to Turnaround
Read more articles
SAS 70 Transition to SSAE 16
SAS 70 Transition to SSAE 16
Read more articles
 
   
     

Services Organization Reporting


As companies search for an effective approach to outsourcing non-core processes, cost is not the only key factor to consider. Today, Service Organizations are under increasing pressure to provide greater transparency to their customers on the effectiveness of their internal controls over the processing, storage and security of customer data. Depending on the services being delivered, the Service Organizations must choose what information is relevant to their clients (financial reporting, security, availability, processing integrity, confidentiality or privacy), and choose the means of reporting to minimize inquires and request for audits from those customers.

One way for a Service Organization to communicate the strength and reliability of its internal processes is by getting an independent audit of the services they provide to their customers. Although not mandatory, the audit reports serve as an independent verification of the Service Organization's internal controls. This verification is increasingly being expected by customers and potential customers and is critical for maintaining a competitive advantage. The benefits of these examinations are realized by both the Service Organization as well as the customers receiving the services.

SAS 70/SSAE 16
In the past, Statement on Auditing Standards (SAS) 70 and WebTrust have traditionally fulfilled this need. Service Organizations are currently being required to transition to the new US Standards for Attestation Engagements (SSAE) No. 16 and International Standard ISAE 3402. The impact on each Service Organization will vary.

Key Benefits for Service Organizations:

  • Audited only once by an independent auditor vs. being audited by many customers.
  • Cost reduction through standardization of processes.
  • Transparency with customers on compliance and audit results.

Key Benefits for User Organizations:

  • Management of risks and exposures while outsourcing business services.
  • An efficient use of the resources from not having to audit the service provider.
  • Ensure processing integrity and data reliability of outsourced business transactions and services.

BPM's Transition and Readiness Services
Whether you're a Service Organization undertaking SAS70/SSAE 16/ISAE 3402 reporting for the first time or considering a change in auditors, BPM's professionals can assist you in implementing a risk-based approach to the new reporting requirements. We will perform an objective assessment of your existing control environment to ensure that your report accurately communicates your structure and meets your readers' requirements.

BPM's Attest Services
The changes in standards provides increased flexibility to auditors allowing them to produce reports that are the most relevant for the Service Organization's business. Report options allow the Service Organizations to only include those controls most relevant to the services being rendered. BPM will produce a report that Service Organization's customers can rely upon for objectivity, relevance, accuracy and thoroughness.

The nature of SSAE 16 report options include:

  • SOC 1: Financial Reporting
  • SOC 2: Security, Availability, Processing Integrity, Confidentiality or Privacy
  • SOC 3: Trust Services Seal (WebTrust/SysTrust)

For more information, email us at .

 

 

Revenue Recognition

Learn how new rules will impact the way you do business.

Transitioning to IFRS

Many business leaders are unaware of how IFRS will impact their accounting.

 

Resources

connect with us: Google+ LinkedIn Facebook Twitter