The objectives of the user auditor, when the user entity uses the services of a service organisation, are:

  1. To obtain an understanding of the nature and significance of the services provided by the service organisation and their effect on the user entity’s internal control relevant to the audit, sufficient to identify and assess the risks of material misstatement; and
  2. To design and perform audit procedures responsive to those risks.