61AT-C 320 Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting
- Scope
- Definitions of Terms
- Objectives of AT-C Section 320
- Requirements
- Management and Those Charged with Governance
- Preconditions
- Request to Change the Scope of the Engagement
- Requesting a Written Assertion
- Assessing the Suitability of the Criteria
- Materiality
- Obtaining an Understanding of the Service Organization's System and Assessing the Risk of Material Misstatement
- Obtaining Evidence Regarding Management’s Description of the Service Organization’s System
- Obtaining Evidence Regarding the Design of Controls
- Obtaining Evidence Regarding the Operating Effectiveness of Controls
- Evaluating the Reliability of Information Produced by the Service Organization
- Nature and Causes of Deviations
- Subsequent Events
- Written Representations
- The Service Auditor's Type 2 Report
- Other Matters in the Report
- Modified Opinions
- Other Communication Responsibilities
- Illustration: Type 1 Service Auditor's Report
SCOPE
AT-C 320 applies to examination engagements to report on controls at organizations that provide services to user entities when those controls are likely to be relevant to user entities’ internal control over financial reporting. Those controls may relate to assertions about presentation and disclosure or transactions. For example, a payroll processing service organization's controls related to sending payroll deductions to taxing authorities ...
Get Wiley Practitioner's Guide to GAAS 2022 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.