58AT-C 320 Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting
Objectives of AT-C Section 320
Management and Those Charged with Governance
Request to Change the Scope of the Engagement
Requesting a Written Assertion
Assessing the Suitability of the Criteria
Using the Work of the Internal Audit Function
Obtaining Evidence Regarding Management’s Description of the Service Organization’s System
Obtaining Evidence Regarding the Design of Controls
Obtaining Evidence Regarding the Operating Effectiveness of Controls
Evaluating the Reliability of Information Produced by the Service Organization
Nature and Causes of Deviations
The Service Auditor’s Type 2 Report
SCOPE
AT-C 320 applies to examination engagements to report on controls at organizations that provide services to user entities when those controls are likely to be relevant to user entities’ internal control over financial reporting. Note that a service auditor’s report prepared under AT-C 320 may be used as audit evidence under AU-C 402. (AT-C 320.01)
For Section 320, CPAs must comply with Section ...
Get Wiley Practitioner's Guide to GAAS 2020 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
