Site Search

Menu

Services and industries

Menu

Sustainability (ESG)

Loading Results

Service Organization Controls Report - International Standard on Assurance Engagements (ISAE) 3402

Increasing Transparency into Financial Controls

One of the most commonly outsourced functions is transaction processing. To provide stakeholders with increased transparency into the financial controls within the transaction processing, PwC can prepare an ISAE 3402 report. This report is designed to address internal controls over financial reporting. PwC’s ISAE 3402 engagement provides independent assurance on controls over processes related to financial reporting that have been outsourced to a third party. This report is restricted-use and contains a detailed description of the auditor’s tests of controls and results.

Having an ISAE 3402 report increases stakeholder confidence and drives competitive advantage.

How we help our clients

 

PwC can help you by performing:

  • Readiness assessment - PwC will establish the scope, assess controls, conduct gap analysis, and provide recommendations on identified control gaps.
  • Attestation and reporting services - PwC will issue a service auditor’s opinion on the fairness of the presentation of the description of the system, the suitability of the design of the controls to meet the specified control objectives and, in a type 2 report, the operating effectiveness of those controls.
  • Staff secondment - PwC will source out employees that will act as your:
    • Project manager - we will act as a liaison officer between the auditors and process owners for your audit and compliance projects. Our responsibility includes managing document requests and audit raised issues.
    • Staff - we will execute tasks as determined by your team. This may include creation of risk and controls matrix, risk issues tracker, management written statement and controls description report.

 

Why are we qualified to help

PwC has engaged recurring third party assurance report engagements with different organizations ranging from back office solutions, research and development, healthcare, and technology service providers among others. By bringing together our industry-specific skills in technology, regulatory compliance, finance and accounting and other business processes, our team has helped multiple clients identify and mitigate risk and enhancing trust and transparency with their customers.

We have also worked with other PwC offices (under direct supervision) in assessing the Global ISAE 3402 Type 2 and GS007 reports over the Share Service Center's (SSC) controls related to the trade operations across different market segments.

Our team's combined credentials are composed of the following:

  • Certified Public Accountant (CPA) in the Philippines
  • Certified Information Systems Auditor (CISA)
  • Certified in COBIT 5 Foundation Level (CCOBIT5F) and Implementation (CCOBIT5I) 
  • ISO Lead Auditor for Business Continuity Management Systems (ISO 22301:2012) Course Passer
  • ISO Lead Auditor for Quality Management Systems (ISO 9001:2008) Course Passer
  • ISO Information Security Management System Auditor/Lead Auditor (ISO 27001:2013) Course Passer
  • Quality Assurance Improvement Program (Quality Assurance Review) Course Passer

The following selected citations represent engagements where we have helped clients:

PwC partnered with a leading Consulting and Business Outsourcing Firm in ISAE 3402 Type 2 engagements that focus on the review of ITGCs and payroll processing system with recurring engagements since 2010.

A leading Global Enterprise for Business Process and Document Management engaged PwC in ISAE 3402 Type 2 engagements that focus on the review of the suitability of the design and operating effectiveness of controls as it relates to the fixed assets, revenue and expense of the specific client with recurring engagements since 2012.

PwC has helped a leading provider of paraplanning services in an ISAE 3402 Type 2 engagement that focus on the review of paraplanning process.

Provides assistance to other PwC offices (under direct supervision) in assessing the Global ISAE 3402 Type 2 and GS007 reports over the Share Service Center's (SSC) controls related to the trade operations across different market segments of the entities since 2016.

Explore further

Trust and Transparency - Main page Service Organization Controls Report: ISAE 3000

Research and insights

{{filterContent.facetedTitle}}

Related Content

Contact us

Maria Rosell S. Gomez

Maria Rosell S. Gomez

Risk Assurance Leader, PwC Philippines

Tel: +63 (2) 8845 2728

Linkedin Follow Email
Lalaine Aviles

Lalaine Aviles

Risk Assurance Manager, PwC Philippines

Tel: +63 (2) 8845 2728

Linkedin Follow Email
Dyan Rose Esguerra

Dyan Rose Esguerra

Risk Assurance Assistant Manager, PwC Philippines

Tel: +63 (2) 8845 2728

Linkedin Follow Email
Archelle Marie Azuro

Archelle Marie Azuro

Risk Assurance Assistant Manager, PwC Philippines

Tel: +63 (2) 8845 2728

Linkedin Follow Email

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide