Navigating the transition to CSAE 3416
|
|
- Tamsin Leslie Harrington
- 7 years ago
- Views:
Transcription
1 Navigating the transition to CSAE 3416 FAQs on the new Canadian Standard on Assurance Engagements
2 In response to changes in third-party assurance standards in both the US and internationally, the Auditing and Assurance Standards Board has issued a new Canadian Standard on Assurance Engagements called Reporting on Controls at a Service Organization (CSAE 3416). This standard replaces the Auditor s Report on Controls at a Service Organization, Section 5970 (S 5970), which has been the standard in Canada for performing independent third-party assurance engagements. CSAE has been designed to provide standards and guidance to an auditor who is reporting on the controls at a service organization. This is relevant to situations when the service (a specialized business task or function) being provided to customers (or user entities) impacts the user entity s financial reporting processes. In such situations, service organizations are often subjected to audits of these processes. 1 FAQs on the new Canadian Standard on Assurance Engagements
3 How will the CSAE affect my organization? CSAE 3416 (and S 5970) allows auditors to issue two types of service auditor s reports. In a type 1 report the service auditor expresses an opinion on the fair presentation of the described controls (i.e. does the description coincide with what actually exists) and whether the controls included in the description are suitably designed to meet the control objectives. Once controls are determined to be suitably designed to achieve the control objectives, their operating effectiveness can be assessed and reported on, within a type 2 report. In both of the above reports, the service organization is responsible for the preparation of the system description inserted into the report. This description includes the nature of the service provided, how the service is performed, and the service organization s controls over the service and related control objectives. Why the need for change? The CSAE is aligned with the new Statement on Standards for Attestation Engagements (SSAE 16), Reporting on Controls at a Service Organization, which was issued by the American Institute of Certified Public Accountants (AICPA) Auditing Standards Board (ASB). The SSAE 16 standard was released in response to the new International Standard on Assurance Engagements (ISAE 3402), which was created to provide a reporting option for service organizations with the need to deliver consistent reporting worldwide. PwC 2
4 Are there any significant differences between CSAE 3416, the new international standard ISAE 3402, and the new US standard SSAE 16? By aligning with the new SSAE, the CSAE materially aligns with ISAE 3402 in most respects. The CSAE 3416 standard is modeled after the US standard SSAE 16, with a six month lag in effective date. Will the new standard be as widely accepted as the existing Section 5970? As of December 15, 2011, S 5970 will be replaced by CSAE It is expected that all current users and issuers of S 5970 reports will move to CSAE 3416, except in instances where the service organization wants to target a non-canadian audience. In these circumstances, the SSAE 16 or ISAE 3402 may be used. When will the new standards be effective? CSAE 3416 will be effective for service auditor s reports for periods ending on or after December 15, This is six months after the effective date of the International Auditing and Assurance Standards Board s (IAASB) and the AICPA s standard for service auditors (June 15, 2011). Can a single report be issued under more than one standard? Yes it can. The report can be tailored to meet the criteria of multiple standards, with one standard being considered the anchor standard. 3 FAQs on the new Canadian Standard on Assurance Engagements
5 Have significant changes been made to CSAE 3416 that will affect a service auditor s engagement? Will these changes lead to a considerable change in the level of effort and cost to issue a report under the new standard? While the standard does include some new requirements and changes to previous requirements as outlined in S 5970, the change in the level of effort from a service organization s standpoint would depend on how prepared they are. Factors that may affect the level of effort include the service organization s past experience with third-party assurance reporting and the overall strength of the internal controls environment. The level of effort for first time issuers of a third-party assurance report under the new standard will be significantly higher. Please refer to A new level of trust and transparency A perspective on transitioning from Section 5970 to CSAE 3416 for more detail in this area. Can CSAE 3416 be used for reporting on controls over subject matter other than financial reporting? No. While early exposure drafts considered the expansion of scope beyond controls related to financial reporting, later drafts removed this provision. CSAE 3416 (as well as S 5970) does not apply to examinations of controls over subject matter other than financial reporting. These types of engagements would be performed under Section 5025, Standards for Assurance Engagements Other than Audits of Financial Statements and other historical financial information. PwC 4
6 What types of activities can be performed by service organizations to prepare for the move to the new standard? Is early adoption permitted? While it is not expected that many organizations will adopt the new Canadian standard early, we re encouraging organizations to begin aligning their existing reports and supporting processes with the new requirements. If an organization chooses to adopt early, we suggest they reach out to their service auditors to discuss next steps in their transition. Is the existing guidance to assist with the performance of S 5970 engagements being rewritten? When will the new guidance be available? Yes. The existing AICPA guide, which is often used as a reference in Canada (AICPA guide for Service Organizations or SAS 70 guide), is being rewritten to reflect the requirements and guidance in SSAE 16. This revised guide can be consulted when performing CSAE 3416 engagements in the future, and is expected to be available in the second quarter of FAQs on the new Canadian Standard on Assurance Engagements
7 Can service organizations provide a CSAE 3416 service auditor s report on their services to potential customers? No. Given that the nature of services performed by individual service organizations are different, service auditor s reports are designed to only include controls that services organizations feel are relevant to their existing clients (and user auditors). Additionally, any procedures performed by the service auditor (used to formulate their opinion) only relate to the controls that apply to existing customers. As a result, use of a CSAE 3416 report (or S 5970 report) is restricted to existing customers (user entities) of the service organization and their auditors and is not meant to be used for the purpose of marketing to potential customers. Will entities now become certified under CSAE 3416 and similar standards? No. The idea of certifying against CSAE 3416 and S 5970 (and other similar standards) is a popular misconception, since thirdparty assurance reports (including CSAE 3416 and S 5970) are meant primarily for auditor to auditor communication. Neither of these represents a prescriptive framework against which a service provider can be evaluated (unlike certification frameworks such as ISO or PCI). As a result, a service provider cannot be certified as CSAE 3416 compliant. PwC 6
8 Who to call National Controls Leader Arturo Lopez Calgary & Vancouver Justin Abel Edmonton Kishan Dial Montréal Marc Fournier Ottawa Anthony Dias Toronto Peter Hargitai Jennifer Johnson Tony Pedari Johanna Sun Winnipeg Robert Reimer PricewaterhouseCoopers LLP. All rights reserved. In this document, PwC refers to PricewaterhouseCoopers LLP, an Ontario limited liability partnership, which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity
TIS Section 9520, SSAE No. 16, Reporting on Controls at a Service Organization
November 2011 AICPA Technical Practice Aids TIS Section 9520, SSAE No. 16, Reporting on Controls at a Service Organization.01 New Standards for Service Auditors and User Auditors Inquiry Did the issuance
More informationBASIS FOR CONCLUSIONS Canadian Standard on Assurance Engagements (CSAE) 3416, Reporting on Controls at a Service Organization
August 2010 BASIS FOR CONCLUSIONS Canadian Standard on Assurance Engagements (CSAE) 3416, Reporting on Controls at a Service Organization This Basis for Conclusions has been prepared by staff of the Auditing
More informationGoodbye, SAS 70! Hello, SSAE 16!
Goodbye, SAS 70! Hello, SSAE 16! A Session to Provide Insight on the New Standard and What Service Providers and End-Users Need to Know January 3, 2012 Agenda Introduction Background on what was SAS 70
More informationG24: Audits of Controls at a Service Organization: New Standards SSAE 16 and ISAE 3402 Duff Donnelly and Jeffrey Spivack, Grant Thornton LLP
G24: Audits of Controls at a Service Organization: New Standards SSAE 16 and ISAE 3402 Duff Donnelly and Jeffrey Spivack, Grant Thornton LLP Audits of controls at a service organization Roadmap to the
More informationFeeley & Driscoll, P.C. Certified Public Accountants / Business Consultants www.fdcpa.com. Visit us on the web: www.fdcpa.com Or Call: 888-875-9770
Feeley & Driscoll, P.C. Certified Public Accountants / Business Consultants www.fdcpa.com SAS 70 Background 2 SAS No. 70 Reports on the Processing of Transactions by Service Organizations Independent examination
More informationAt a glance. A provision to require a written assertion from company management is the most notable difference between the two standards.
At a glance While there are some differences, SAS 70 and SSAE 16 are substantially the same. SAS 70 is an audit standard while SSAE 16 is an attest standard. Out with the old SAS 70 and in with the new
More informationThe end of SAS70 what next for Performance Assurance?
Enhancing Trust and Transparency The end of SAS70 what next for Performance Assurance? A perspective on transitioning from SAS 70 to ISAE 3402 pwc Enhancing Trust and Transparency 1 Contents What you need
More informationFAQs New Service Organization Standards and Implementation Guidance
FAQs New Service Organization Standards and Implementation Guidance During the past two years several significant changes have occurred in audit and attest standards for reporting on controls at service
More informationAssuring success in large business programs Internal audit s role in strategic risk management
The resilience, reputation and value of a company can be positively influenced by successful transformation projects. Assuring success in large business programs Internal audit s role in strategic risk
More informationMHM S PERSPECTIVE: CHANGES COMING TO SAS 70.KNOW THE FACTS
Mayer Hoffman McCann P.C. An Independent CPA Firm MHM S AUDITING PERSPECTIVE: STANDARD NO. 5 Since its issuance in 1992, the American Institute of Certified Public Accountants (AICPA) Statement on Auditing
More informationSTANDING ADVISORY GROUP MEETING
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202)862-8430 www.pcaobus.org STANDING ADVISORY GROUP MEETING RESPONSIBILITIES OF THE PRINCIPAL AUDITOR APRIL 7-8, 2010 Introduction
More informationMonitoring Outside Service Providers, Part III: SAS 70 Updates
Monitoring Outside Service Providers, Part III: SAS 70 Updates Richard F. Fischer, CPA Louis Plung & Company, LLP richard.fischer@louisplung.com 412-281-8771 CHANGES TO SAS 70 SERVICE ORGANIZATIONS: Statement
More informationService Organization Controls. Managing Risks by Obtaining a Service Auditor s Report
Service Organization Controls Managing Risks by Obtaining a Service Auditor s Report Contributing Authors Audrey Katcher, CPA/CITP, Partner at RubinBrown, LLP Janis Parthun, CPA/CITP, Sr. Technical Manager
More informationG24 - SAS 70 Practices and Developments Todd Bishop
G24 - SAS 70 Practices and Developments Todd Bishop SAS No. 70 Practices & Developments Todd Bishop Senior Manager, PricewaterhouseCoopers LLP Agenda SAS 70 Background Information and Overview Common SAS
More informationUnderstanding ISO 27018 and Preparing for the Modern Era of Cloud Security
Understanding ISO 27018 and Preparing for the Modern Era of Cloud Security Presented by Microsoft and Foley Hoag LLP s Privacy and Data Security Practice Group May 14, 2015 Proposal or event name (optional)
More informationFarewell to SAS 70. What you need to know about the New Standard for Service Organization Reporting
Farewell to SAS 70 What you need to know about the New Standard for Service Organization Reporting ADVISORY rights reserved. KPMG and the KPMG logo are registered trademarks of KPMG International Cooperative
More informationINTRODUCTION TO ISO 9001 REVISION - COMMITTEE DRAFT
INTRODUCTION TO ISO 9001 REVISION - COMMITTEE DRAFT AGENDA Introduction Annex SL Changes to ISO 9001 Future Development How SGS can support you 2 INTRODUCTION ISO 9001 Revision Committee Draft Issued 2013
More informationSAMPLE NPO SOCIETY FINANCIAL STATEMENTS. August 31, 2011
FINANCIAL STATEMENTS August 31, 2011 INDEX Page Independent Auditor's Report 2 Statement of Operations 3 Statement of Changes in Net Assets 4 Statement of Financial Position 5 Cash Flow Statement 6 Notes
More informationHere comes SSAE 16 SAS 70 EVOLUTION: How will the new standard affect my business? How do I prepare to meet the new requirements?
SAS 70 EVOLUTION: Here comes SSAE 16 PLANNING FOR THE NEW SERVICE ORGANIZATION REPORTING STANDARDS The prevalence of SAS 70 audits has grown dramatically since the standards issuance in April of 1992.
More informationFrequently asked questions: SOC 2 and 3
1. Is the licensing requirement for a SOC 2 or 3 different than for a SOC 1? SOC reports are attestation reports issued in accordance with AICPA standards. Therefore, licensing requirements are the same
More informationEPCS Third party audits the CPA perspective. 13 September 2012
EPCS Third party audits the CPA perspective 13 September 2012 Agenda Introduction History Report review Audit process Moving forward Introduction 1311.300 Application provider requirements Third-party
More informationUpdating the Benefits of the GST New Housing Rebate
Housing Affordability and Choice for Canadians: Building on Success Updating the Benefits of the Introduction: When the Goods and Services Tax (GST) was introduced in 1991, the federal government recognized
More informationISO 9001 REVISION INTRODUCTION TO ISO 9001: 2015
ISO 9001 REVISION INTRODUCTION TO ISO 9001: 2015 AGENDA Introduction Structure and Terminology Changes to ISO 9001 Future Developments How SGS can support you 2 INTRODUCTION ISO/DIS 9001 Issued May 2014
More informationThe Directors Cut. The power of data: What directors need to know about Big Data, analytics and the evolution of information. www.pwc.
www.pwc.com/ca/acconnect The Directors Cut The power of data: What directors need to know about Big Data, analytics and the evolution of information December 201 This newsletter is brought to you by PwC
More informationUpdate on AICPA Assurance Services Executive Committee Activities
Update on AICPA Assurance Services Executive Committee Activities Amy Pawlicki Director Business Reporting, Assurance & Advisory Services and XBRL AICPA Agenda ASEC overview Summary of work streams by
More informationCSA Position Paper on AICPA Service Organization Control Reports
CSA Position Paper on AICPA Service Organization Control Reports February 2013 2013, Cloud Security Alliance. All rights reserved. You may download, store, display on your computer, view, print, and link
More informationChapter 04. Board of Public Accountancy.
Chapter 04. Board of Public Accountancy. (Words in boldface and underlined indicate language being added; words [CAPITALIZED AND BRACKETED] indicate language being deleted. Complete new sections are not
More informationRE: PCAOB Rulemaking Docket Matter No. 004 Statement Regarding the Establishment of Auditing and Other Professional Standards
May 12, 2003 Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C. 20006-2803 RE: PCAOB Rulemaking Docket Matter No. 004 Statement Regarding the Establishment
More informationDemographic Overview. Demographic Overview
Demographic Overview Brampton Among Canada s 2 Largest Municipalities Toronto (Ont.) Montréal (Que.) Calgary (Alta.) Ottawa (Ont.) Edmonton (Alta.) Mississauga (Ont.) Winnipeg (Man.) Vancouver (B.C.) Brampton
More informationRe-Settlers: The Secondary Migration of Immigrants Between Canada s Cities Jack Jedwab Executive Director Association for Canadian Studies
Re-Settlers: The Secondary Migration of s Between Canada s Cities Jack Jedwab Executive Director Association for Canadian Studies Immigration is an important source of growth for Canada s cities. s tend
More informationProtecting your brand in the cloud Transparency and trust through enhanced reporting
Protecting your brand in the cloud Transparency and trust through enhanced reporting Third-party Assurance November 2011 At a glance Cloud computing has unprecedented potential to deliver greater business
More informationAudit, Review, Compilation, and Preparation of Financial Statements
Audit, Review, Compilation, and Preparation of Financial Statements DISCLAIMER: This publication has not been approved, disapproved or otherwise acted upon by any senior technical committees of, and does
More informationThird party assurance services
TECHNOLOGY RISK SERVICES Third party assurance services Delivering assurance over your service providers The current third party service provider environment Corporate UK has been transformed in recent
More informationPostmedia Network Canada Corp. Q3 F2015 Investor and Analyst Conference Call July 9, 2015
Postmedia Network Canada Corp. Q3 F2015 Investor and Analyst Conference Call July 9, 2015 Forward Looking Statements This presentation may include certain information that is forward-looking information
More informationService Organization Control (SOC) reports What are they?
Service Organization Control (SOC) reports What are they? Jeff Cook, CPA, CITP, CIPT, CISA June 2015 Introduction Service Organization Control (SOC) reports are on the rise in the IT assurance and compliance
More informationBackground. Audit Quality and Public Interest vs. Cost
Basis for Conclusions: ISA 600 (Revised and Redrafted), Special Considerations Audits of Group Financial Statements (Including the Work of Component Auditors) Prepared by the Staff of the International
More informationService Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard
Information Systems Audit and Controls Association Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard February 4, 2014 Tom Haberman, Principal, Deloitte & Touche LLP Reema Singh,
More informationService Organization Controls. Managing Risks by Obtaining a Service Auditor s Report
Service Organization Controls Managing Risks by Obtaining a Service Auditor s Report Contributing Authors Audrey Katcher, CPA, CITP, Partner at RubinBrown, LLP Janis Parthun, CPA, CITP, Sr. Technical Manager
More informationSERVICE ORGANIZATION CONTROL REPORTS SM. Formerly SAS 70 Reports
SERVICE ORGANIZATION CONTROL REPORTS SM Formerly SAS 70 Reports SAS No. 70, Service Organizations Standard for reporting on a service organization s controls affecting user entities financial statements
More informationPwC. Bill 198 Overview September 2004
PwC Bill 198 Overview September 2004 Agenda Welcome and overview Regulatory environment and background Three rules: 52-109 Strategies for implementing the CEO/CFO certification process 52-110 Requirements
More informationThe 21 st Century Version of SAS 70..SSAE 16
presents Mastering SAS 70 Audit Reports for Service Organizations Evaluating Internal Controls Issues With Type I and Type II Reports A Live 110-Minute Teleconference/Webinar with Interactive Q&A Today's
More informationSSAE 16 & SAS 70 A Primer on Changes to Service Organization Audit Standards
A Member of OneBeacon Insurance Group SSAE 16 & SAS 70 A Primer on Changes to Service Organization Audit Standards Author: Jack Fletcher, Risk Control Technology Specialist Published: November 2014 Executive
More informationA Flexible and Comprehensive Approach to a Cloud Compliance Program
A Flexible and Comprehensive Approach to a Cloud Compliance Program Stuart Aston Microsoft UK Session ID: SPO-201 Session Classification: General Interest Compliance in the cloud Transparency Responsibility
More informationNew Canadian reporting requirements for Canadian private placement sales
April 14 2016 UPDATE New Canadian reporting requirements for Canadian private placement sales Authors: Rob Lando, Lori Stein Posted in Resources > Canadian Legislation & Regulations NEW TRADE REPORT REQUIREMENTS
More information9/14/2015. Before we begin. Learning Objectives. Kevin Secrest IT Audit Manager, University of Pennsylvania
Evaluating and Managing Third Party IT Service Providers Are You Really Getting The Assurance You Need To Mitigate Information Security and Privacy Risks? Kevin Secrest IT Audit Manager, University of
More informationCommunications. How to complete the M&A integration process, minimize disruptions, and achieve desired synergies.* *connectedthinking
Advisory Services Capturing M&A Integration Deal Value Communications How to complete the M&A integration process, minimize disruptions, and achieve desired synergies.* In the flurry of activity that surrounds
More informationOpen Government and Information Management. Roy Wiseman Executive Director, MISA/ASIM Canada CIO (Retired), Region of Peel roy.wiseman@outlook.
Open Government and Information Management Roy Wiseman Executive Director, MISA/ASIM Canada CIO (Retired), Region of Peel roy.wiseman@outlook.com Open Government Defined Government of Canada defines Open
More informationFinance Report: Audited Financial Statements, for the year ended March 31, 2015
Finance Report: Audited Financial Statements, for the year ended March 31, 2015 Bob Dillman, Finance & Operations Director Mitchell Cook, Finance & Operations Manager Remembering a Leader Bethany Tory
More informationAbout the Presenter. Presentation Objectives. SaaS / Cloud Computing Risk Management AICPA Attest Alternatives
SaaS / Cloud Computing Risk Management AICPA Attest Alternatives Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP Georgia Society of CPAs Annual Convention June 16, 2010 About the Presenter
More informationTHE CITY OF GREATER SUDBURY COMMUNITY DEVELOPMENT CORPORATION
Financial Statements of THE CITY OF GREATER SUDBURY COMMUNITY DEVELOPMENT CORPORATION Year ended December 31,2011 p-wc June 27, 2012 Independent Auditors Report To the Board of Directors of the City of
More informationAberdeen City Council IT Governance
Aberdeen City Council IT Governance Internal Audit Report 2013/2014 for Aberdeen City Council May 2014 Internal Audit KPIs Target Dates Actual Dates Red/Amber/Green Commentary where applicable Terms or
More informationYOUR CANADIAN CONNECTION
YOUR CANADIAN CONNECTION Rogers Carrier Services offers domestic and international wholesale partners a broad range of innovative telecommunications services featuring the performance, scalability and
More informationBC54: Preparing for a SAS 70 Audit
BC54: Preparing for a SAS 70 Audit Kathleen Lucey Montague Risk Management kalucey@montaguetm.com tel: 1.516.676.9234 1 What is SAS 70? History and Purpose What does it include? Type 1 vs. Type 2 Grades
More informationQuestions from GAQC Conference Call The Impact of SAS 112 on Governmental Financial Statement Audits January 4, 2007
Questions from GAQC Conference Call The Impact of SAS 112 on Governmental Financial Statement Audits January 4, 2007 Preparing Financial Statements Q1. During a recent AICPA Webcast, a panelist indicated
More informationConsultation on the Applicability of IPSASs to Government Business Enterprises and Other Public Entities
International Public Sector Accounting Standards Board Ms Stephanie Fox IPSASB Technical Director 277 Wellington Street West Toronto, Ontario M5V 3H2 Canada E-mail: stepheniefox@ipsasb.org 23 December
More informationHow mature is the internal control framework at your service organisation? ISAE 3402 and SSAE 16: Reinforcing confidence through demonstration of
How mature is the internal control framework at your service organisation? ISAE 3402 and SSAE 16: Reinforcing confidence through demonstration of effective controls ISAE 3402 and SSAE 16 defined Overview
More informationOUTSOURCING AND SERVICE AUDITOR S REPORTS
OUTSOURCING AND SERVICE AUDITOR S REPORTS FREEDOM TO DO BUSINESS Outsourcing and service Auditor s Reports 3 OUTSOURCING AND SERVICE AUDITOR S REPORTS SERVICE AUDITOR S REPORTS ARE GROWING IN IMPORTANCE,
More informationFraud Risk Management
RISK CONSULTING Fraud Risk Management A proactive approach to counter the risk of fraud and misconduct kpmg.ca/forensic 2014 KPMG LLP, a Canadian limited liability partnership and a member firm of the
More informationSAS No. 70, Service Organizations
SAS No. 70, Service Organizations A standard for reporting on a service organization s controls affecting user entities' financial statements. Only for use by service organization management, existing
More informationwww.pwc.com/ca Forest Management and Chain of Custody Certification November 18, 2014 WPAC 2014 AGM Fibre Supply Chain Certification 101
www.pwc.com/ca Forest Management and Chain of Custody Certification November 18, 2014 WPAC 2014 AGM Fibre Supply Chain Certification 101 Agenda 1. History of Forest Management Certification and Chain of
More informationACL ANALYTICS. Installation and Activation Guide
ACL ANALYTICS Installation and Overview... 2 Installation and Licensing... 2 Activation... 2 System Requirements... 2 Installing and Activating ACL Analytics... 3 Step 1: Download and Install ACL Analytics...
More informationThe Changing SAS 70 Landscape Dan Hirstein Director Rebecca Goodpasture Senior Manager Deloitte & Touche LLP January 13, 2011
The Changing SAS 70 Landscape Dan Hirstein Director Rebecca Goodpasture Senior Manager Deloitte & Touche LLP January 13, 2011 Table of Contents A Short History of SAS 70 Overview of SSAE 16 and ISAE 3402
More informationThe Students Union, The University of Calgary. Financial Statements June 30, 2014
The Students Union, The University of Calgary Financial Statements June 30, November 18, Independent Auditor s Report To the Members of The Students Union, The University of Calgary We have audited the
More informationCanadian Trucking Alliance Electronic Logging Devices (ELDs) The Road Ahead
Canadian Trucking Alliance Electronic Logging Devices (ELDs) The Road Ahead October 2015 Workshop Series Vancouver, Calgary, Edmonton, Winnipeg, Halifax, Regina, Toronto Agenda Current Industry Uptake
More informationThe Finance & Audit (F&A) Committee is expected to consider F&A Committee Agenda Item 4: at its meeting on December 7, 2015.
The Finance & Audit (F&A) Committee is expected to consider F&A Committee Agenda Item 4: Recommendation regarding Acceptance of 2015 Service Organization Control (SSAE 16) Audit Report at its meeting on
More informationMultiple Auditing Standards and Standard Setting: Implications for Practice and Education
Volume 7, Issue 1 2013 Pages C1 C10 American Accounting Association DOI: 10.2308/ciia-50344 COMMENTARY Multiple Auditing Standards and Standard Setting: Implications for Practice and Education Charles
More informationREGIONAL SPOKESPERSON BIOGRAPHIES
REGIONAL SPOKESPERSON BIOGRAPHIES CONTENTS Robert Nardi, National...1 Duncan Stewart, National...2 Clinton G. McNair, Calgary...3 J. Blair Knippel, Prairie...4 Jamie Barron, Southwestern Ontario...5 Jeffrey
More informationMontreal Quebec Toronto Ottawa Edmonton Philadelphia Denver Tampa. www.legermarketing.com
Montreal Quebec Toronto Ottawa Edmonton Philadelphia Denver Tampa www.legermarketing.com Methodology INSTRUMENT An online survey was conducted between May 10 th and May 13 th, 2010. SCOPE The survey was
More informationCybersecurity and the AICPA Cybersecurity Attestation Project
Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive Director EY Chair AICPA Trust Information Integrity Task Force 2 October 2015 Increasing awareness of cybersecurity
More informationService Organization Control Reports
SAS 70 ENDS EXIT TO SSAE 16 Service Organization Control Reports What Did We Learn from Year One? Agenda Definitions Service Organization Reports What are they? Year One Experiences SSAE 16 Year One Experiences
More informationService Organization Control (SOC) Reports
Service Organization Control (SOC) Reports Transitioning from SAS 70 to SSAE 16 Deloitte & Touche LLP Agenda Overview SAS 70/SSAE 16 Historical Perspective The New Framework Under SSAE 16 (SOC 1) Impact
More informationShared Service System Audits: What User Management and Auditors Need to Know
Shared Service System Audits: What User Management and Auditors Need to Know JFMIP May 2014 Presented by: Robert Dacey GAO Session Objectives Properly using SSAE 16 service organization audit reports Revisions
More information10 Considerations for a Cloud Procurement. Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015
10 Considerations for a Cloud Procurement Anthony Kelly Erick Trombley David DeBrandt Carina Veksler January 2015 www.lbmctech.com info@lbmctech.com Purpose: Cloud computing provides public sector organizations
More informationwww.pwc.com Third Party Risk Management 12 April 2012
www.pwc.com Third Party Risk Management 12 April 2012 Agenda 1. Introductions 2. Drivers of Increased Focus on Third Parties 3. Governance 4. Third Party Risks and Scope 5. Third Party Risk Profiling 6.
More informationEffectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com
Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations kpmg.com b Section or Brochure name Effectively using SOC 1, SOC 2, and SOC 3 reports for increased
More informationCFPB Readiness Series: Compliant Vendor Management Overview
CFPB Readiness Series: Compliant Vendor Management Overview Legal Disclaimer This information is not intended to be legal advice and may not be used as legal advice. Legal advice must be tailored to the
More informationalternative finance conference
alternative finance conference accessing Asian capital through dual listings on the Hong Kong Stock Exchange Paul D. Davis, Partner October 4, 2012 McMillan LLP Vancouver Calgary Toronto Ottawa Montréal
More informationChapter 5. Rules and Policies NATIONAL INSTRUMENT 52-109 CERTIFICATION OF DISCLOSURE IN ISSUERS ANNUAL AND INTERIM FILINGS
Chapter 5 Rules and Policies 5.1.1 NI 52-109 Certification of Disclosure in Issuers Annual and Interim Filings TABLE OF CONTENTS NATIONAL INSTRUMENT 52-109 CERTIFICATION OF DISCLOSURE IN ISSUERS ANNUAL
More informationCOSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP
COSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP Disclaimer The material appearing in this presentation is for informational purposes only and should not be construed
More informationOxford City Council Managing Capital Projects
www.pwc.co.uk Internal Audit Report 2014/2015 August 2015 Oxford City Council Managing Capital Projects Table of Contents 1. Executive Summary... 3 2. Background and scope... 5 3. Detailed findings...
More informationIAASB Main Agenda (June 2010) Agenda Item. April 28, 2009
Agenda Item 8-B Statement of Position 09-1 April 28, 2009 Performing Agreed-Upon Procedures Engagements That Address the Completeness, Accuracy, or Consistency of XBRL-Tagged Data Issued Under the Authority
More informationThe silver lining: Getting value and mitigating risk in cloud computing
The silver lining: Getting value and mitigating risk in cloud computing Frequently asked questions The cloud is here to stay. And given its decreased costs and increased business agility, organizations
More informationFIDUCIARY ADVISORY SERVICES
FIDUCIARY ADVISORY SERVICES Comprehensive investment oversight for charities and non-profit organizations Boards of Directors have the opportunity to make a difference in how charities fulfill their missions.
More informationOctober 1, 2015. Ms. Sherry Hazel American Institute of Certified Public Accountants 1211 Avenue of the Americas, 19 th Floor New York, NY 10036-8775
Deloitte & Touche LLP 695 E Main Street Stamford, CT 06901-2150 Tel: +1 203 761 3000 Fax: +1 203 761 3013 www.deloitte.com October 1, 2015 Ms. Sherry Hazel American Institute of Certified Public Accountants
More informationAn Introduction to ISO 22000: Food Safety Management Systems
: Food Safety Management Systems Stefan Nygren What is ISO 22000? ISO 22000, Food safety management systems - Requirements for any organization in the food chain, was first published in 2005. The standard
More informationSSAE 16 and ISAE 3402: Preparing for New Service Company Control Standards Mastering Requirements Governing Your Next Controls Report
Presenting a live 110 minute teleconference with interactive Q&A SSAE 16 and ISAE 3402: Preparing for New Service Company Control Standards Mastering Requirements Governing Your Next Controls Report WEDNESDAY,
More informationMETANET and Interoute Zurich Data Centre Corporate Security & Risk Group Version 1.0 ; 4 April
Data Centre Quality and Security Enterprise Security Management METANET and Interoute Zurich Data Centre Corporate Security & Risk Group Version 1.0 ; 4 April Corporate Security & Risk Group (CSRG) Interoute
More informationMining Initial Public Offering Guide. TSX s Global Leadership in Mining. Your lawyer. Your law firm. Your business advisor.
Mining TSX s Global Leadership in Mining Your lawyer. Your law firm. Your business advisor. Bennett Jones is widely recognized as the leading Canadian law firm in energy and natural resources. In keeping
More informationRe: Industry Canada Consultation on the Canada Business Corporations Act (the Consultation )
May 9, 2014 Director General Marketplace Framework Policy Branch Industry Canada 235 Queen Street, 10 th Floor Ottawa, Ontario K1A 0H5 e-mail: cbca-consultations-lcsa@ic.gc.ca Re: Industry Canada Consultation
More informationTransAlta Corporation Energy Trading Compliance Program Assessment
www.pwc.com/ca Energy Trading Compliance Program Assessment Disclaimer We prepared this report based on information available at the time of its preparation. Our observations and conclusions are based
More informationAuditing CPA EXAM REVIEW V 1.0
V 1.0 CPA EXAM REVIEW Auditing UPDATES AND ACADEMIC HELP Click on Community and Support at www.becker.com/cpa CUSTOMER SERVICE AND TECHNICAL SUPPORT Call 1.877.CPA. EXAM (Outside the U.S. +1.630.472.2213)
More informationExamination of Construction Management Contract for West Block Rehabilitation Project
Examination of Construction Management Contract for West Block Rehabilitation Project PCL Invoices #1 to 18 for the period from June 30, 2011 to December 21, 2012 June 18, 2013 To the Parliamentary Precinct
More informationManaging risks in a Salesforce environment
Managing risks in a Salesforce environment Managing risks in a Salesforce environment In today s rapidly changing world of business, only companies that understand and anticipate customer needs and consistently
More informationIT Insights. Managing Third Party Technology Risk
IT Insights Managing Third Party Technology Risk According to a recent study by the Institute of Internal Auditors, more than 65 percent of organizations rely heavily on third parties, yet most allocate
More informationQuality Management Standard BS EN ISO 9001:2008. www.imsworld.org
Quality Management Standard BS EN ISO 9001:2008 The Origin of Quality Standards Ministry of Defence Marks & Spencer Ford Motor Company All had their own Quality standards, which they expected their suppliers
More informationJLT Mining. The Canadian economy is, in part, driven by a robust and sophisticated Mining Industry.
Mining Jardine Lloyd Thompson (JLT) is an international group of Risk Specialists and Employee Benefits Consultants and one of the largest companies of its type in the world. We offer a distinctive choice
More informationLifting the fog* Accounting for uncertainty in income taxes
Lifting the fog* Accounting for uncertainty in income taxes Contents Introduction 01 Identifying uncertain tax positions 02 Recognizing uncertain tax positions 03 Measuring the tax benefit 04 Disclosures
More informationK-W YMCA Endowment Foundation. Financial Statements December 31, 2014
K-W YMCA Endowment Foundation Financial Statements December 31, April 14, 2015 Independent Auditor s Report To the Members of K-W YMCA Endowment Foundation We have audited the accompanying financial statements
More informationUnderstanding SOC Reports for Effective Vendor Management. Jason T. Clinton January 26, 2016
Understanding SOC Reports for Effective Vendor Management Jason T. Clinton January 26, 2016 MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2012 Wolf & Company, P.C. Before we
More informationHans Bos Microsoft Nederland. hans.bos@microsoft.com
Hans Bos Microsoft Nederland Email: Twitter: hans.bos@microsoft.com @hansbos Microsoft s Cloud Environment Consumer and Small Business Services Software as a Service (SaaS) Enterprise Services Third-party
More information