31386 paragraphs found
Further Procedures When a Sufficient Understanding Cannot Be Obtained from the User Entity (Ref: Para. 12 ) …
The user auditor’s decision as to which procedure, individually or in combination, in paragraph 12 to undertake, in order to obtain the information necessary to provide a basis for the identification and assessment of the risks of material misstatement in …
A service organisation may engage a service auditor to report on the description and design of its controls (type 1 report) or on the description and design of its controls and their operating effectiveness (type 2 …
The availability of a type 1 or type 2 report will generally depend on whether the contract between a service organisation and a user entity includes the provision of such a report by the service organisation. A service organisation may also elect, for …
In some circumstances, a user entity may outsource one or more significant business units or functions, such as its entire tax planning and compliance functions, or finance and accounting or the control function to one or more service organisations. As a …
Another auditor may be used to perform procedures that will provide the necessary information about the relevant controls at the service organisation related to services provided to the user entity. If a type 1 or type 2 report has been issued, the user …
A user entity may use a service organisation that in turn uses a subservice organisation to provide some of the services provided to a user entity that are part of the user entity’s information system relevant to financial reporting. The subservice …
Using a Type 1 or Type 2 Report to Support the User Auditor’s Understanding of the Service Organisation (Ref: Para. 13‑14 ) …