Featured - 4 items
Provide transparency and establish trust to communicate the right information to the right people at the right time
Today’s marketplace is crowded, and customers – whether businesses or individuals are more discerning than ever. For organizations to succeed, they need to be trusted. Stakeholders are looking for information that is clear, relevant, and reliable. Information they can trust.
In line with international standards, we help organizations respond to demands for increased transparency and industry comparability, and increase the credibility of that reporting.
Key issues
- Transparency of outsourced activities
- Compliance with contractual and regulatory requirements
- Readiness for assurance reporting
Transparency of outsourced activities
Companies continue to turn to outsourcing as a means of reducing costs and improving efficiencies. As more companies outsource transaction processing or share sensitive data, the demand for trust and greater transparency across organizations’ internal controls increases. So, too, does the need for auditor reporting on those internal controls at a third party entity (or “service organization”) either through the following assurance reports:
ISAE 3402 (Internal controls over financial reporting) or SOC 1 equivalent
ISAE 3000 with reference to trust service criteria or SOC 2 equivalent
Compliance with contractual and regulatory requirements
As outsourcing becomes more prevalent, so does the need for assurance around vendor operations, processes and controls - especially with higher-risk data. Customers want their vendors to provide assurance over a range of general and industry-specific concerns, including third party management, third party data security and privacy, regulatory compliance, availability, processing integrity, and confidentiality either through the following assurance reports:
ISAE 3402 (Internal controls over financial reporting) or SOC 1 equivalent
ISAE 3000 with reference to trust service criteria or SOC 2 equivalent
Readiness for assurance reporting
Completing an assurance report engagement can be overwhelming for some service organizations. Assistance of a trusted business advisor in defining the appropriate scope, conducting control gap assessment, and guidance on remediation activities will help the organization successfully complete either of the following assurance reports:
ISAE 3402 (Internal controls over financial reporting) or SOC 1 equivalent
ISAE 3000 with reference to trust service criteria or SOC 2 equivalent
Third Party Assurance - Controls over Financial Reporting
(ISAE 3402)
Companies continue to turn to outsourcing as a means of reducing costs and improving efficiencies. As more companies outsource transaction processing or share sensitive data, the demand for trust and greater transparency across organizations’ internal controls increases. So, too, does the need for auditor reporting on those internal controls at a third party entity (or “service organization”).
Third Party Assurance - Beyond Controls over Financial Reporting
[ISAE 3000 with Reference to AICPA’s Five (5) Trust Service Criteria]
With the continued growth of data driven business solutions, there is also an increasing demand for assurance over the management and security of sensitive data. Companies who rely on third parties to use, store, and dispose of critical data need comfort that their service provider’s control environment is strong and able to protect both financial and non-financial information.
Swift Customer Security Program (CSP)
We conduct assessment as an independent external assessor on the Customer Security Controls Framework (CSCF) mandatory and advisory controls.
Other services
Related Content
Contact us
Follow PwC Philippines
