SOC Reports: What are they and what should you do with them? berrydunn.com GAIN CONTROL
|
|
- Chloe Williams
- 5 years ago
- Views:
Transcription
1 SOC Reports: What are they and what should you do with them? berrydunn.com GAIN CONTROL
2 AGENDA SOC REPORTS OVERVIEW RELEVANT SECTIONS TO REVIEW SOC REVIEW CHECKLIST 2
3 SOC REPORTS OVERVIEW 3
4 SOC REPORTS OVERVIEW Terms to know: SOC Service Organization Control Service organization the third-party service provider that performs a task or function for other entities Service auditor the CPA firm doing the SOC exam User organization customers of the service organization User auditors the customer s financial statement auditors 4
5 SOC REPORTS OVERVIEW Things to know SOC 1 (SSAE 16) SOC 2 What is it? Who needs it? What does it cover? What does it look like? Report on internal controls on financial reporting A company that acts as a service organization that processes data or provides services critical to their customers financial reporting For example: third-party administrators, e- commerce industries that process data, payroll administrators, insurance organizations Relevant internal controls on financial reporting as defined by the service organization Report consisting of: 1. Auditor s Opinion 2. Written Description 3. Controls and Results of Tests Report on internal controls based on Security, Availability, Processing Integrity, Confidentiality, Privacy A company that acts as a service organization that may host or support customer data For example: data centers, software-as-aservice (SaaS) organizations, printing services, managed service providers One of more of the AICPA defined Trust Service Principles (TSPs) and criteria Who uses it? Service organization, user organizations, user auditors 5
6 SOC REPORTS OVERVIEW Type 1 Audit of design effectiveness. Provides assurance that the controls are properly designed and in place at a point in time An inquiry and observation only audit Ideal for first time auditees Limited usefulness for user organizations Type 2 Audit of design and operating effectiveness. Provides assurance that the controls are properly designed, in place and operating effectively over a period of time Much more detailed prove it testing, observation inspection and reperformance More appropriate for financial auditors who are assessing controls at the service organization Provides reasonable assurance control objectives are met 6
7 SOC REPORTS OVERVIEW: PRIMARY COMPONENTS I. Independent Service Auditor s Report: Addresses the report type, reporting period, opinion, and any qualifications or disclaimers II. Description of the System: Free-form narrative description of processes and controls provided by the service organization III. Information Provided by the Auditor: Identifies the procedures (tests) performed by the auditor and results IV. Other Information: May contain other information provided by the service organization (section not tested by the auditor) 7
8 SOC REPORTS OVERVIEW Why Review a SOC Report? Risk Management Vendor Due Diligence Financial Statement Impacts 8
9 RELEVANT SECTIONS TO REVIEW 9
10 RELEVANT SECTIONS TO REVIEW Independent Service Auditor s Report What type of report is it? Is the time period parallel to your audit period? Is the scope of the report relevant to your operations? Are there any disclaimers? Is the opinion qualified (bad) or unqualified (good)? Control Objectives Results of Tests User Control Considerations (UCCs) 10
11 RELEVANT SECTIONS TO REVIEW: AUDITOR S REPORT 11
12 RELEVANT SECTIONS TO REVIEW: AUDITOR S REPORT 12
13 RELEVANT SECTIONS TO REVIEW: AUDITOR S REPORT 13
14 RELEVANT SECTIONS TO REVIEW Independent Service Auditor s Report Control Objectives Is there sufficient coverage of relevant controls? Is the big picture of the control environment captured? Results of Tests User Control Considerations (UCCs) 14
15 RELEVANT SECTIONS TO REVIEW: CONTROL OBJECTIVES CONTROL OBJECTIVES AND RELATED CONTROL ACTIVITIES Although the control objectives and related control activities are described in Section Three, they are, nevertheless, an integral part of ABC control environment. The description of the service auditor s tests of operating effectiveness and the results of those tests are also presented in the testing matrices in Section Three, adjacent to ABC description of controls. The description of the tests of operating effectiveness and the results of those tests are the responsibility of the service auditor and should be considered information provided by the service auditor. The control objectives include: Control Objective 1: Controls provide reasonable assurance that the creation and modification of contract records are properly authorized and that customer data is accurately and completely input into the system. Control Objective 2: Controls provide reasonable assurance that the creation of, and modifications to, participant accounts are properly authorized and information is accurately and completely input into the system. Control Objective 3: Controls provide reasonable assurance that the participant or plan statements are prepared completely, timely, and accurately. Control Objective 4: Controls provide reasonable assurance that contributions and loan repayments are authorized and are recorded completely, accurately, and timely to a participant account. Control Objective 5: Controls provide reasonable assurance that distributions and participant loans from the Plan are authorized and recorded completely, accurately, and timely. Control Objective 6: Controls provide reasonable assurance that the purchase and sale of investments and each participant s share of investment income or loss are properly authorized and recorded for the correct amount, in the proper period, and to the correct account. Control Objective 7: Controls provide reasonable assurance that the compliance tests required under Employee Retirement Income Security Act (ERISA), Department of Labor (DOL), and Internal Revenue Code (IRC) rules and regulations are prepared and Internal Revenue Service (IRS) forms are timely prepared and sent to clients. Control Objective 8: Controls provide reasonable assurance that changes to plan administration software are authorized, approved, and implemented in accordance with management s instructions. Control Objective 9: Controls provide reasonable assurance that logical access to plan administration software and related data files is restricted to properly authorized individuals. Control Objective 10: Controls provide reasonable assurance that critical applications and data are backed up regularly and backup media is archived off-site for a reasonable amount of time. Control Objective 11: Controls provide reasonable assurance that facilities and computing equipment are physically and environmentally safeguarded. 15
16 RELEVANT SECTIONS TO REVIEW Independent Service Auditor s Report Control Objectives Results of Tests Are there any deviations noted? How are they relevant to your operations? Do the deviations impact you? User Control Considerations (UCCs) 16
17 RELEVANT SECTIONS TO REVIEW: RESULTS OF TESTS (SOC 1) 17
18 RELEVANT SECTIONS TO REVIEW Independent Service Auditor s Report Control Objectives Results of Tests User Control Considerations (UCCs) Are you doing all these? 18
19 RELEVANT SECTIONS TO REVIEW: UCCs UCCs are controls at your organization that should be in place to supplement the controls at the service organization These controls are your responsibility and the control is only effective if you do your part Does your organization have these controls in place? Review UCCs in conjunction with signed Service Level Agreements 19
20 RELEVANT SECTIONS TO REVIEW: UCCs PURPOSE AND SCOPE OF THE REPORT This report is intended to provide ABC customers and other interested parties with information about ABC s controls that may affect the processing of transactions for its customers. The information contained in this report, when combined with an understanding of the controls in place at the customer, is intended to assist the customer s independent auditor in planning the audit of the customer, and in assessing control risk for assertions in the customer s financial statements that may be affected by controls at ABC. It is the responsibility of each user of this report to evaluate the information contained in this report, in relation to the controls in place at the customer. If certain complementary controls are not in place at the customer, ABC controls may not compensate for such weaknesses. 20
21 RELEVANT SECTIONS TO REVIEW: UCCs USER CONTROL CONSIDERATIONS ABC procedures are designed with the assumption that certain internal controls are implemented by customers of ABC. The application of such internal controls by the customer is necessary to achieve the control objectives identified. There may be additional control objectives and related controls that would be appropriate for the processing of transactions that are not identified. This section describes certain internal controls that the users should consider to achieve the control objectives identified in this report. The user control considerations presented below should not be regarded as a comprehensive list of all the controls that should be employed by users. 1. The client should review all plan setup reports, conversion reconciliations, and notices during the conversion process. 2. The client is responsible for submitting all plan provision changes in writing and authorizing the request prior to forwarding to ABC. 3. The client is responsible for determining employee eligibility unless the client has elected in a Plan Services Agreement (PSA) that these services be provided by ABC or a third party. 4. The client should review participant enrollment forms for accuracy and completeness and authorize the forms prior to providing them to ABC. 5. The client is responsible for providing missing information on all returned forms. 6. The client should forward all transaction requests for processing on a timely basis and retain copies of all documents on file. 7. The client is responsible for ensuring that loan requests are within the plan and loan program guidelines prior to authorizing and forwarding the request to ABC. 8. The client is responsible for verifying distribution requests and monitoring requirements for hardship distributions before paperwork is forwarded to ABC. 9. The client is responsible for notifying ABC of participant status changes (retirement, termination, or death, etc.) in writing and in a timely manner. 10. The client is responsible for providing ABC with written instructions regarding forfeitures and allocations of forfeitures. 11. The client should provide ABC with year-end and census information in good order and in a timely manner. 12. The client should notify ABC of any participants exceeding 415 limitations or with excessive contributions. 13. The client should verify and maintain all regulatory testing results. 14. Plan sponsors and participants should keep passwords and PINs confidential and change passwords and PINs on a periodic basis. 21
22 SOC REVIEW CHECKLIST 22
23 INTERESTED IN MORE? CONTACT US. Tina Papadopoulos, CISA Management and Information Technology Consulting Group
CHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS
5-1 CHAPTER 5 INFORMATION TECHNOLOGY SERVICES CONTROLS INTRODUCTION In accordance with Statements on Auditing Standards Numbers 78 and 94, issued by the American Institute of Certified Public Accountants
More informationPlanning for an Employee Benefit Plan Audit
Planning for an EBP Audit Planning for an Employee Benefit Plan Audit Presented by: Jennifer Amato, CPA Eric Ernest, CPA, FCCA Audit Principal Assurance Director SC&H Group, LLC McConnell & Jones LLP 1
More informationThe Who, What, and Why of Service Organization Control (SOC) Engagements. Presentation to: 2nd Annual 'I Heart Audit' Conference
The Who, What, and Why of Service Organization Control (SOC) Engagements Presentation to: 2nd Annual 'I Heart Audit' Conference February 24, 2016 Agenda What is SOC? Who needs SOC? Types of SOC Engagements
More informationChapter 7. Auditing Internal Control over Financial Reporting. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved. Management Responsibilities under Section 404 Management
More informationAICPA Peer Review Program Compliance: Responding to Latest Developments
FOR LIVE PROGRAM ONLY AICPA Peer Review Program Compliance: Responding to Latest Developments WEDNESDAY, MAY 31, 2017, 1:00-2:50 pm Eastern IMPORTANT INFORMATION FOR THE LIVE PROGRAM This program is approved
More informationCPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a. AUDITING THEORY Risk Assessment and Response to Assessed Risks
Page 1 of 7 CPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a Related PSAs: PSA 400, 315 and 330 AUDITING THEORY Risk Assessment and Response to Assessed Risks 1. Which of the following is correct statement?
More informationREGULATORY HOT TOPIC Third Party IT Vendor Management
REGULATORY HOT TOPIC Third Party IT Vendor Management 1 Todays Outsourced Technology Services Core Processing Internet Banking Mobile Banking Managed Security Services Managed Data Center Services And
More informationEnhancing Audit Efficiency and Effectiveness. Dan Purvine A/E Clarity Consulting and Training, LLC
Enhancing Audit Efficiency and Effectiveness Dan Purvine A/E Clarity Consulting and Overview of this Session Applying a risk-based approach Indirect cost rate audit best practices: A/E firm preparation
More informationService Organization Controls (SOC) Reporting Discussion: Perspectives and Opportunities
IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Service Organization Controls (SOC) Reporting Discussion: Perspectives and Opportunities
More informationDetailed competency map
Detailed competency map Additional competency requirements for entry to the Hong Kong Institute of CPAs qualification programme (Professional bridging examination) Fields of competency The items listed
More informationAudit Evidence. SSA 500, Audit Evidence superseded the SSA of the same title in September 2009.
SINGAPORE STANDARD SSA 500 ON AUDITING Audit Evidence SSA 500, Audit Evidence superseded the SSA of the same title in September 2009. SSA 610 (Revised 2013), Using the Work of Internal Auditors gave rise
More informationIAASB Main Agenda (March 2019) Agenda Item
Agenda Item 8 B (For Reference) INTERNATIONAL STANDARD ON AUDTING (ISA) 500, AUDIT EVIDENCE (INCLUDING CONSEQUENTIAL AND CONFORMING AMENDMENTS FROM ISA 540 (REVISED) 1 ) Introduction Scope of this ISA
More informationInternational Standard on Auditing (Ireland) 500 Audit Evidence
International Standard on Auditing (Ireland) 500 Audit Evidence MISSION To contribute to Ireland having a strong regulatory environment in which to do business by supervising and promoting high quality
More informationScope of this SA Effective Date Objective Definitions Sufficient Appropriate Audit Evidence... 6
SA 500* AUDIT EVIDENCE (Effective for audits of financial statements for periods beginning on or after April 1, 2009) Contents Introduction Paragraph(s) Scope of this SA...1-2 Effective Date... 3 Objective...
More informationEffects of Changes in Attest Standards on SOC 1 Examinations
Executive Summary Subservice organizations, management s assertion responsibilities and other items are addressed in Statement on Standards for Attestation Engagements (SSAE) No. 18, Attestation Standards:
More informationReport on controls over Devon Funds Management Limited s investment management services. For the period from 1 January 2014 to 31 December 2014
Report on controls over Devon Funds Management Limited s investment management services For the period from 1 January 2014 to 31 December 2014 Description of Investment Management Services, Controls
More informationIAASB CAG Public Session (March 2018) CONFORMING AND CONSEQUENTIAL AMENDMENTS ARISING FROM DRAFT PROPOSED ISA 540 (REVISED) 1
Agenda Item B.4 CONFORMING AND CONSEQUENTIAL AMENDMENTS ARISING FROM DRAFT PROPOSED ISA 540 (REVISED) 1 ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance
More informationChapter 18. Integrated Audits of Public Companies. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Chapter 18 Integrated Audits of Public Companies McGraw-Hill/Irwin Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved. Nature of an Integrated Audit Auditors of public companies should
More informationAudit Evidence. HKSA 500 Issued July 2009; revised July 2010, May 2013, February 2015, August 2015, June 2017
HKSA 500 Issued July 2009; revised July 2010, May 2013, February 2015, August 2015, June 2017 Effective for audits of financial statements for periods beginning on or after 15 December 2009 Hong Kong Standard
More informationAudit Evidence This section is effective for audits of financial statements for periods ending on or after December 15, 2012.
Audit Evidence 395 AU-C Section 500 Audit Evidence Source: SAS No. 122; SAS No. 128. See section 9500 for interpretations of this section. Effective for audits of financial statements for periods ending
More informationHot Topics in Third Party Management. April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS
Hot Topics in Third Party Management April 5, 2018 MEMBER OF ALLINIAL GLOBAL, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2018 Wolf & Company, P.C. Before we get started Today s presentation slides can
More informationInternational Standard on Auditing (UK and Ireland) 500
Standard Audit and Assurance Financial Reporting Council October 2009 International Standard on Auditing (UK and Ireland) 500 Audit evidence The FRC is responsible for promoting high quality corporate
More informationAdvanced Finance for Governing Board Members. Charter Schools: Advancing the Promise!! 2015 Annual Conference
Advanced Finance for Governing Board Members Charter Schools: Advancing the Promise!! 2015 Annual Conference Governing Body Responsibilities with regard to finance Fiduciary responsibilities outlined in
More informationISA 500. Issued March 2009; updated June International Standard on Auditing. Audit Evidence
ISA 500 Issued March 2009; updated June 2018 International Standard on Auditing Audit Evidence INTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE The Malaysian Institute of Accountants has approved
More informationInternational Auditing and Assurance Standards Board ISA 500. April International Standard on Auditing. Audit Evidence
International Auditing and Assurance Standards Board ISA 500 April 2009 International Standard on Auditing Audit Evidence International Auditing and Assurance Standards Board International Federation of
More informationIAASB Main Agenda (June 2008) Page Agenda Item
IAASB Main Agenda (June 2008) Page 2008 595 Agenda Item 2-A PROPOSED INTERNATIONAL STANDARD ON AUDITING 500 (REDRAFTED) OBTAINING SUFFICIENT APPROPRIATE AUDIT EVIDENCE (Mark-up Showing Changes from March
More informationStrengthening Vendor Risk Management Program
Strengthening Vendor Risk Management Program ACUIA Region 5 Fall Meeting Portsmouth, N.H. October 2017 PKF O Connor Davies Risk Advisory Services Governance & Regulations Cyber-Security Risk Management
More informationCity of Markham. Report of the Auditor General Human Resources Information System ( HRIS ) Implementation Audit. Presented to:
City of Markham Report of the Auditor General Human Resources Information System ( HRIS ) Implementation Audit Presented to: General Committee of Council, City of Markham Date: June 18, 2018 AGENDA Background
More informationINTERNATIONAL STANDARD ON AUDITING 500 AUDIT EVIDENCE CONTENTS
INTERNATIONAL STANDARD ON 500 AUDIT EVIDENCE (Effective for audits of financial statements for periods beginning on or after December 15, 2004) CONTENTS Paragraph Introduction... 1-2 Concept of Audit Evidence...
More informationAn Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements
ASB Meeting July 30 August 1, 2013 Agenda Item 3B AT Section 501 An Examination of an Entity s Internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements Source:
More informationPART 6 - INTERNAL CONTROL
PART 6 - INTERNAL CONTROL INTRODUCTION The A-102 Common Rule and OMB Circular A-110 (2 CFR part 215) require that non-federal entities receiving Federal awards (i.e., auditee management) establish and
More informationReport on controls over Devon Funds Management Limited s investment management services. For the period from 1 January 2015 to 31 December 2015
Report on controls over Devon Funds Management Limited s investment management services For the period from 1 January 2015 to 31 December 2015 30 th March 2016 Appserv Limited s Assertion We have reviewed
More informationAssurance Research Advisory Group Firm Data
Assurance Research Advisory Group Firm Data Program Summary The AICPA Assurance Research Advisory Group (ARAG) seeks to drive research relative to private company assurance issues that are most pressing
More informationFile. Audit. City Auditor
Accounts Payab ble - Vendor Master File Audit Craig Hametner, CPA, CIA, CISA, CMA, CFE City Auditor Prepared By Marla Hamilton, Staff Auditor Reviewed By Jed Johnson, Sr. Auditor INTERNAL AUDIT DEPARTMENT
More informationSTATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE
STATEMENT OF AUDITING STANDARDS 500 AUDIT EVIDENCE (Issued January 2004) Contents Paragraphs Introduction 1-2 Concept of Audit Evidence 3-6 Sufficient Appropriate Audit Evidence 7-14 The Use of Assertions
More informationINTERNATIONAL STANDARD ON AUDITING (NEW ZEALAND) 500
Issued 07/11 Compiled 10/15 INTERNATIONAL STANDARD ON AUDITING (NEW ZEALAND) 500 Audit Evidence (ISA (NZ) 500) This compilation was prepared in October 2015 and incorporates amendments up to and including
More informationThe Basics of Internal Controls & Segregation of Duties
The Basics of Internal Controls & Segregation of Duties Presented by: Kevin L. Pegish, CPA Senior Audit Manager Northwest Region klpegish@ohioauditor.gov Internal Controls, we will discuss the following:
More informationCPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a AUDITING THEORY AUDIT PLANNING
CPA REVIEW SCHOOL OF THE PHILIPPINES M a n i l a Related PSAs: PSA 300, 310, 320, 520 and 570 Appointment of the Independent Auditor AUDITING THEORY AUDIT PLANNING Page 1 of 9 Early appointment of the
More informationHiring a Quality Auditor:
Hiring a Quality Auditor: Your Guide to the Selection Process Contact information Address Phone number Website 20641-374_importance of hiring a quality auditor_r1.indd 1 Copyright 2016 American Institute
More informationHiring a Quality Auditor:
Hiring a Quality Auditor: Your Guide to the Selection Process Contact information Address Phone number Website 20641-374_importance of hiring a quality auditor_booklet.indd 1 TABLE OF CONTENTS Introduction...
More informationSeminar Internal Control Identification and Filtering
Seminar Internal Control Identification and Filtering 4 March 2011 by Stephen Ho Definition The process designed, implemented and maintained by those charged with governance, management and other personnel
More informationASSOCIATION OF ACCOUNTING TECHNICIANS OF SRI LANKA. Examiner's Report AA3 EXAMINATION - JANUARY 2016 (AA34) PROCESSES, CONTROLS AND AUDIT
ASSOCIATION OF ACCOUNTING TECHNICIANS OF SRI LANKA Examiner's Report AA3 EXAMINATION - JANUARY 2016 (AA34) PROCESSES, CONTROLS AND AUDIT General Comments Candidates performance for this paper was average.
More informationSARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017
SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017 Pat Mitchell Managing Director Internal Audit, Risk, Business & Technology Consulting CHANGES IN THE COST AND SCOPE OF SOX COMPLIANCE
More informationPOSITION DESCRIPTION. Department: Human Resources. Working Conditions: Normal, no adverse or hazardous conditions.
Job Title: HR Generalist Reports to: Senior Manager, Human Resources Direct Reports: N/A Primary Purpose: POSITION DESCRIPTION Department: Human Resources Working Conditions: Normal, no adverse or hazardous
More informationAudit Oversight Board
Audit Board Conversation with Audit Committees Presentation by Lim Fen Nee Head, Audit Board 16 May 2016 Agenda 1. About the Audit Board 2. Global Developments Independence Technology Impact New Auditors
More informationAuditing and Assurance Standards Council
Auditing and Assurance Standards Council Philippine Standard on Auditing 600 (Revised and Redrafted) SPECIAL CONSIDERATIONS AUDITS OF GROUP FINANCIAL STATEMENTS (INCLUDING THE WORK OF COMPONENT AUDITORS)
More informationHow well you are prepared to deal with IFC
September 9, 2016 How well you are prepared to deal with IFC Price Waterhouse & Co Amit Agrawal & Madhavi D K Internal Financial Controls over Financial Reporting (IFCFR) Particulars Background Overview
More informationCharter School Administrative Services Fee Schedule
Charter School Administrative Services Fee Schedule Lake County Schools For the 2011-12 School Year A: Contract Management Services Definition: The processes required to cover the entire contract lifecycle,,
More informationChapter 8. Planning and Testing Operating Effectiveness of Internal Control over Financial Reporting. Prepared by Richard J.
Chapter 8 Planning and Testing Operating Effectiveness of Internal Control over Financial Reporting Prepared by Richard J. Campbell Copyright 2011, Wiley and Sons Learning Objectives 1. Learn the relationships
More informationSociety of Louisiana CPAs. Annual Report on Oversight. Date Issued July 21, Period covered January 1, 2016 December 31, 2016
Society of Louisiana CPAs Annual Report on Oversight Date Issued July 21, 2017 Period covered January 1, 2016 December 31, 2016 Administering Entity Oversight Process and Procedures Oversight of Peer s
More informationHuman Resources. The HR Guide to Retirement Manager. Version 1 Updated 3/5/2010
South Dakota Board of Regents Human Resources/Finance Information Systems Version 1 Updated 3/5/2010 Table of Contents Human Resources Introduction... 4 Overview... 4 Intended Audience... 4 Documentation
More informationSage 100 Contractor 2017
Sage 100 Contractor 2017 (formerly Sage Master Builder) Year-End Guide United States Edition Version 20.7 This is a publication of Sage Software, Inc. 2017 The Sage Group plc or its licensors. All rights
More informationGuidelines for Multiple Vendor 403(b) Plans Form 5500 Aggregation. Version: F January 2010 SHAPING AMERICA S RETIREMENT
Guidelines for Multiple Vendor 403(b) Plans 2009 Form 5500 Aggregation Version: F5500-1.0 January 2010 Guidelines for Multiple Vendor 403(b) Plans 2009 Form 5500 Aggregation January 2010 (Version F5500-1.0)
More informationSTATE OF NORTH CAROLINA
STATE OF NORTH CAROLINA OFFICE OF THE STATE CONTROLLER BEACON HUMAN RESOURCES AND PAYROLL SYSTEM INFORMATION TECHNOLOGY GENERAL CONTROLS JUNE 2012 PERFORMANCE AUDIT OFFICE OF THE STATE AUDITOR BETH A.
More informationEMPLOYEE BENEFIT PROGRAMS WHY SHOULD YOU BE CONCERNED?
EMPLOYEE BENEFIT PROGRAMS WHY SHOULD YOU BE CONCERNED? Mary Andersen and Len Marinaccio Pick up any business related periodical and you invariably see articles, such as the following, on ERISA compliance,
More informationPPC Library Template Report
PPC Library Template Report Engagement Letter Generator Engagement Letter Generator (20160801) Interactive Disclosure Libraries Disclosure Library for Local Governments (20160501) Disclosure Library for
More informationApplying Integrated Assurance Management Scenarios for Governance Capability Assessment
Applying Integrated Assurance Management Scenarios for Governance Capability Assessment János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract. The well established
More informationcpparms Compliance System
cpparms Compliance System The Best Solution for 401(k) Compliance Testing - 2 - Contents Introduction What is cpparms? What Will cpparms Do For Your Organization? Why Do You Need cpparms? Full Range of
More informationAccounting 408 Exam 2, Chapters 3, 4, 5, 6, E, F
Accounting 408 Exam 2, Chapters 3, 4, 5, 6, E, F Summer 2017 Name Row Multiple Choice Questions. (2 points each, 100 points total) Read each question carefully and indicate the one best answer to each
More informationAudit Evidence. ISA 500 Issued December International Standard on Auditing
Issued December 2007 International Standard on Auditing Audit Evidence The Malaysian Institute of Certified Public Accountants (Institut Akauntan Awam Bertauliah Malaysia) INTERNATIONAL STANDARD ON AUDITING
More informationUnique Groups. Rules: Total group size (union and non-union) must be 100 or fewer F-T + FTE employees AND
Carve-Outs 5-100 F-T + FTE employees must be enrolled and maintained within 's California Network Service Area AND 60% of the carve-out population must enroll with. Documentation: Group must prove that
More informationPreparing for a Headache-free Audit
Preparing for a Headache-free Audit PRESENTED TO SWMSBO Conference 2017 PRESENTED BY Molly R. Fish, CPA PREPARED BY Molly Fish, CPA Date Objectives Understand audit terminology Gain awareness of audit
More informationThe definition of a deficiency is also set forth in the attached Appendix I.
Deloitte & Touche LLP 361 South Marine Corps Drive Tamuning, GU 96913-3911 USA September 22, 2015 Tel: (671)646-3884 Fax: (671)649-4932 www.deloitte.com Mr. David Paul General Manager Marshalls Energy
More informationWATCH WORDS FROM THE PEER REVIEW PROCESS
WATCH WORDS FROM THE PEER REVIEW PROCESS Peer Review 3 NOT DOCUMENTED = NOT PERFORMED Vendor-obtained practice aids, checklists and forms are NOT audit evidence Sources of audit evidence Books, records,
More informationUsing the Work. of an Expert. HKSA 620 Issued June 2005
Issued June 2005 Effective for audits of financial statements for periods beginning on or after 15 December 2004 Hong Kong Standard on Auditing 620 Using the Work of an Expert HONG KONG STANDARD ON AUDITING
More informationTRA Internal Audit Fiscal Year 2019 Audit Plan
TRA Internal Audit Fiscal Year 2019 Audit Plan Leslie Nagel, CPA, CEBS, CIA Chief Audit Executive Approved by TRA Audit Comittee April 10, 2018 Approved by TRA Board of Trustees April 11, 2018 TRA Internal
More informationAudit Workshop Part 2 12 December 2009
Audit Workshop Part 2 12 December 2009 Nelson Lam 林智遠 MBA MSc BBA ACA ACS CFA CPA(Aust) CPA(US) FCCA FCPA(Practising) MSCA 2006-09 Nelson Consulting Limited 1 Agenda for Part 1 and Part 2 Planning Risk
More informationWATCH WORDS FROM THE PEER REVIEW PROCESS
WATCH WORDS FROM THE PEER REVIEW PROCESS Peer Review 3 NOT DOCUMENTED = NOT PERFORMED Vendor-obtained practice aids, checklists and forms are NOT audit evidence Sources of audit evidence Books, records,
More informationAT Assertions, Audit Procedures and Audit Evidence Red Sirug Page 1
AUDITING THEORY Red Sirug ASSERTIONS A ND A UDIT OBJECTIVES ASSERTIONS, A UDIT PROCEDURES A ND A UDIT EVIDENCE Nature of Assertions: Financial statements are not statements of facts. They are a collection
More informationSystem Reviews Performed at a Location Other Than the Reviewed Firm s Office Surprise Engagements... 4
December 2017 PRP Section 3100 Supplemental Guidance Contents Notice to Readers... 2 Review Requirements for Joint Ventures... 3 System Reviews Performed at a Location Other Than the Reviewed Firm s Office...
More informationOffice of the Secretary of State
This document is made available electronically by the Minnesota Legislative Reference Library as part of an ongoing digital archiving project. http://www.leg.state.mn.us/lrl/lrl.asp O L A OFFICE OF THE
More informationINTERNATIONAL STANDARD ON AUDITING 620 USING THE WORK OF AN AUDITOR S EXPERT CONTENTS
INTERNATIONAL STANDARD ON 620 USING THE WORK OF AN AUDITOR S EXPERT (Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS Paragraph Introduction Scope
More informationSA 402(REVISED) AUDIT CONSIDERATIONS RELATING TO AN ENTITY USING
Part I : Engagement and Quality Control Standards I.271 SA 402(REVISED) AUDIT CONSIDERATIONS RELATING TO AN ENTITY USING A SERVICE ORGANISATION (EFFECTIVE FOR ALL AUDITS RELATING TO ACCOUNTING PERIODS
More informationEnglish Translation (For Information Purposes Only) CODE OF BEST CORPORATE PRACTICES. Introduction
English Translation (For Information Purposes Only) SCHEDULE A CODE OF BEST CORPORATE PRACTICES Introduction Upon the initiative of the Business Coordinating Council, the Corporate Governance Committee
More information2016 EMPLOYEE BENEFIT PLAN OVERVIEW FOR KNOWLEDGE COACH USERS
2016 EMPLOYEE BEEFIT PLA OVERVIEW FOR KOWLEDGE COACH USERS PURPOSE This document is published for the purpose of communicating, to users of the toolset, updates and enhancements included in the current
More informationFRAUD AWARENESS UPDATE
Tammy Michaud, CPA, Principal Sarah Belliveau, CPA, Senior Manager FRAUD AWARENESS UPDATE berrydunn.com CATEGORIES OF FRAUD Asset misappropriations (stealing) Theft or misuse of assets Corruption Inappropriate
More informationPLEASE complete #1-25 on your green scantron and the rest of them in your blue book.
Name: Date: You can keep this exam. PLEASE complete #1-25 on your green scantron and the rest of them in your blue book. 1. To qualify as "principal auditor" and render an opinion on the financial statements
More informationevidence explained Chapter 6 The search for
Chapter 6 The search for evidence explained Learning objectives Explain why the audit evidence search is a central concept of auditing. Identify the stages of the audit process and show that evidence has
More informationThe Georgia Society of CPAs Annual Report on Oversight Issued on November 15, 2016
The Georgia Society of CPAs Annual Report on Oversight Issued on November 5, 206 I. Administering Entity Oversight Processes and Procedures Oversight of Peer Reviews and Reviewers The Georgia Society of
More informationTHIRD-PARTY RISK MANAGEMENT
THIRD-PARTY RISK MANAGEMENT Beyond a Regulatory Requirement April 28, 2017 Ken Glascock, CPA, CAMS, CIA, CFSA, CRCM Director kglascock@bkd.com AGENDA Let s Break It Down What Is Third-Party Risk Management?
More informationChapter 25 Other Assurance Services. Copyright 2014 Pearson Education
Chapter 25 Other Assurance Services Understand the level of assurance and evidence requirements for review and compilation services. Describe special engagements to review interim financial information
More informationTypes of Systems Audit & Relevance. Presented By: Prasad Pendse, CISA
Types of Systems Audit & Relevance Presented By: Prasad Pendse, CISA Agenda Systems Audit Categories & Types of Systems Audit, Relevance IT & Application Audits Security Audits Process Audits Advantages
More informationChapter 2. The CPA Profession
Chapter 2 The CPA Profession Review Questions 2-1 The four major services that CPAs provide are: 1. Audit and assurance services Assurance services are independent professional services that improve the
More informationACC 269 Auditing and Assurance Services
ACC 269 Auditing and Assurance Services COURSE DESCRIPTION: Prerequisites: ACC 220 Corequisites: None This course introduces selected topics pertaining to the objectives, theory, and practices in engagements
More informationNovember 11, American Institute of CPAs 1211 Avenue of the Americas New York, NY Re: Enhancing Audit Quality
Deloitte & Touche LLP 10 Westport Road Wilton, CT 06897 USA www.us.deloitte.com November 11, 2014 American Institute of CPAs 1211 Avenue of the Americas New York, NY 10036-8775 Re: Enhancing Audit Quality
More informationJPMC S MINIMUM CONTROL REQUIREMENTS FOR CONTINGENT LABOR SUPPLIERS
JPMC S MINIMUM CONTROL REQUIREMENTS FOR CONTINGENT LABOR SUPPLIERS These Minimum Control Requirements ( Minimum Control Requirements ) are stated at a relatively high level, and JPMC recognizes that there
More informationFor this program, attendees must listen to the audio over the telephone.
Presenting a live 110 minute teleconference with interactive Q&A Employee Benefit Plan Audit Peer Reviews Preparing for Risk Assessment, Control Document Inspection, and Other Peer Reviewer Concerns TUESDAY,
More informationSENIOR UTILITY ACCOUNTANT (1521) Task List (2016)
SENIOR UTILITY ACCOUNTANT (1521) Task List (2016) Accounting 1. Identifies contributions and payouts (to benefit recipients) that must be made in order to determine the cash needs of the Retirement, Disability
More informationPresented to OneDigital Customers and Partners. December 14, 2017
Presented to OneDigital Customers and Partners December 14, 2017 1 Today s Speakers Introductions Joanne Wacker Vice President, Operations and Administration Services Anita Messal Chief Operating Officer
More informationTEACHERS RETIREMENT BOARD. AUDITS AND RISK MANAGEMENT COMMITTEE Item Number: 8 CONSENT: ATTACHMENT(S): 1. DATE OF MEETING: November 2, 2017/ 15 mins
TEACHERS RETIREMENT BOARD AUDITS AND RISK MANAGEMENT COMMITTEE Item Number: 8 SUBJECT: 2018 Internal Audit Plan CONSENT: ATTACHMENT(S): 1 ACTION: X INFORMATION: DATE OF MEETING: / 15 mins PRESENTER: Larry
More informationVendor Management Challenges and Expectations An Open Discussion April 13, 2017
1 Practical solutions driving tangible results Vendor Management Challenges and Expectations An Open Discussion April 13, 2017 Agenda Common Themes Discussion Expectations Overcoming Obstacles Common Comments
More information9/13/2017 CHA-CHING! PAYROLL CONTROLS THAT PAY OFF PERSONAL INTRODUCTION. Personal Introduction. Melinda Stinnett, CPA, CIA Managing Director
CHA-CHING! PAYROLL CONTROLS THAT PAY OFF Melinda Stinnett, CPA, CIA Managing Director September 15, 2017 1 PERSONAL INTRODUCTION Professional Bachelor s Degree (Accounting) Oklahoma State University Public
More informationCommunity Bankers Conference
3rd Annual Regional and Community Bankers Conference The Federal Reserve Bank of Boston Disclaimer NEVER WRONG DON T COMPLETELY RELY UPON Recent Developments in Audit Practice SOX, FDICIA 112, Other Robert
More informationAuditing Standards and Practices Council
Auditing Standards and Practices Council AUDIT EVIDENCE PHILIPPINE STANDARDON AUDITING 500 (REVISED) AUDIT EVIDENCE (Effective for audits of financial statements for periods beginning on or after December
More informationEmployee Benefit Plan Audit Peer Reviews Preparing for Risk Assessment, Control Document Inspection, and Other Peer Reviewer Concerns
FOR LIVE PROGRAM ONLY Employee Benefit Plan Audit Peer Reviews Preparing for Risk Assessment, Control Document Inspection, and Other Peer Reviewer Concerns WEDNESDAY, JUNE 21, 2017, 1:00-2:50 pm Eastern
More informationCERTIFIED ADMINISTRATOR OF SCHOOL FINANCE AND OPERATIONS
SFO SCHOOL FINANCE AND OPERATIONS CERTIFIED ADMINISTRATOR OF SCHOOL FINANCE AND OPERATIONS SFO Exam Guidebook ASBO International s certification program is governed by the Certification Commission, a semi-independent
More informationReport to State Street Bank and Trust Company. Re: Expense Billing Review and Payment Determination
Report to State Street Bank and Trust Company Re: Expense Billing Review and Payment Determination April 11, 2017 Table of Contents I. Introduction & Executive Summary... 2 II. The Company s Process to
More informationStatement on February 2014 Auditing Standards 128. Using the Work of Internal Auditors
Statement on February 2014 Auditing Standards 128 Issued by the Auditing Standards Board Using the Work of Internal Auditors (Supersedes Statement on Auditing Standards [SAS] No. 65, The Auditor's Consideration
More informationEmployee Benefit Plan Audit Peer Reviews
Presenting a live 110-minute teleconference with interactive Q&A Employee Benefit Plan Audit Peer Reviews Preparing for Risk Assessment, Control Document Inspection, and Other Peer Reviewer Concerns THURSDAY,
More information