The objectives of the user auditor, when the user entity uses the services of a service organisation, are:

  1. To obtain an understanding of the nature and significance of the services provided by the service organisation and their effect on the user entity’s system of internal control, sufficient to provide an appropriate basis for the identification and assessment of the risks of material misstatement; and
  2. To design and perform audit procedures responsive to those risks.