OUTSOURCING AND SERVICE AUDITOR'S REPORTS




OUTSOURCING AND SERVICE AUDITOR'S REPORTS
FREEDOM TO DO BUSINESS

OUTSOURCING AND SERVICE AUDITOR'S REPORTS

Service Auditor's Reports are growing in importance, but with their technical terminology and stringent requirements they can be confusing. BDO Risk Advisory Services has put together this guide to help you understand Service Auditor's Reports and to assist in matching them to the needs of Service Organizations.

MORE KNOWLEDGE FOR YOU AND YOUR AUDITORS
Our Service Auditor's Reports will give your clients and their auditors an in-depth understanding of the internal controls within the Service Organization.

OUTSOURCING
Internal controls are one of the core competencies of Service Organizations and external providers. Entrusting the effectiveness of a company's system of internal controls to an external service provider offers several benefits. By outsourcing certain functions, organizations can benefit from a much broader range of skill sets and from access to specialty services that bring best-practice knowledge to the client company, and they can achieve economies of scale and economic efficiencies. An outsourced function generally has a broader perspective and is able to provide benchmarks that are not otherwise available in-house. Outsourcing firms have experience with many systems and situations and are able to provide more precise metrics. Outsourcing also allows management to stay focused on core business operations rather than on managing and maintaining non-core business processes.

Outsourcing can, however, substantially increase the risk for an organization if the outsourcing relationship and the appropriate internal controls are not managed appropriately.

WHAT IS A SERVICE AUDITOR'S REPORT?
Service Auditor's Reports are designed to provide information and assurance about controls within a Service Organization to User Organizations (clients) and their auditors. The audit underlying a Service Auditor's Report is conducted in accordance with the standards issued by the International Federation of Accountants (IFAC). ISAE 3402 contains the professional standards used by a Service Auditor to report on the processing of transactions by a Service Organization, for use by management, clients and other auditors.

THE VALUE OF A SERVICE AUDITOR'S REPORT
Service Auditor's Reports are primarily used by the Service Organization, its clients and the clients' auditors. The clients' auditors can use the report to gain an understanding of the internal controls in operation at the Service Organization. Depending on the type of report, the clients' auditors may be able to take the Service Organization's internal controls into account when planning and executing their internal audit plans.

MORE TIME, LESS FEES
With our Service Auditor's Reports, your exposure to client on-site auditors can be eliminated.

The Service Auditor's Report may also be used by current clients, prospective clients, stakeholders and other interested parties to gain an understanding of the internal control environment of the Service Organization. A Service Auditor's Report provides many benefits to the Service Organization; the main reasons for obtaining one are:

- The business model of a Service Organization is to have multiple clients. If the outsourced activities are material, some or all of the clients' auditors will visit the Service Organization. A properly developed Service Auditor's Report will minimize the need to deal with client auditors, which can be a very intrusive experience. The Service Auditor's Report can also reduce client audit fees, and the cost of the process is normally passed on to the clients through service charges.

- A Service Auditor's Report can assist the Service Organization in demonstrating that it has processes and procedures in place to ensure that the outsourced services are managed properly. This can be a key factor in obtaining new business. Most requests for proposals nowadays require a Service Auditor's Report from the Service Organization.

- The current environment of compliance and governance for public companies, under the influence of Sarbanes-Oxley and the Tabaksblat Code, requires that any outsourced services are managed effectively, with the proper internal controls in place. The Service Auditor's Report is a vehicle by which the arrangement is managed. The report has become mandatory for any material outsourcing arrangement if the User Organization is a public company, regardless of whether the Service Organization is a private company.

- Many organizations choose to focus on their core activities and therefore outsource activities that do not belong to the core. Because outsourcing does not relieve a User Organization of responsibility for the outsourced activities, User Organizations want to keep control over those activities. They often rely on Service Level Agreements and Service Level Reports. A Service Auditor's Report can give more certainty and provide an objective and independent view of whether the Service Organization is compliant with these agreements.

- Service Auditor's Reports can also be useful for the chartered accountant or for regulatory authorities.

- The process of obtaining a Service Auditor's Report is also a very effective way of identifying efficiency issues as well as duplication of controls.

BENEFITS OF A SERVICE AUDITOR'S REPORT
- Satisfy client audit requirements
- Compliance with regulatory requirements
- Satisfy contract and service level agreement requirements
- Documentation and testing of the internal control structure
- Streamlined business processes and controls

TYPE 1 VERSUS TYPE 2
A Type 1 report is a report on the controls placed in operation as at a specific date. A Type 2 report is a report on the controls placed in operation and on tests of the operational effectiveness of those controls during a specified period of time. The period of time for a Type 2 report is generally 6 months or 1 year. Since the Type 2 report is an extension of the Type 1 report, if you choose to do a Type 1 report and later opt to switch to Type 2, the difference is the application of tests of the operational effectiveness of specific controls for the audit period. Some clients have opted for a Type 1 report in the first year and a Type 2 report in subsequent years. This has the advantage of allowing you to review and improve your controls before undergoing the testing in the Type 2 report.

SERVICE AUDITOR'S REPORT CONTENTS
A Service Auditor's Report typically includes several sections.

For Type 1:
I   The service organization's description of its system;
II  A written assertion by the service organization that, in all material respects, and based on suitable criteria:
    a  The description fairly presents the service organization's system as designed and implemented as at the specified date;
    b  The controls related to the control objectives stated in the service organization's description of its system were suitably designed as at the specified date; and
III A service auditor's assurance report that conveys reasonable assurance about the matters in (II) a-b above.

For Type 2:
I   The service organization's description of its system;
II  A written assertion by the service organization that, in all material respects, and based on suitable criteria:
    a  The description fairly presents the service organization's system as designed and implemented throughout the specified period;
    b  The controls related to the control objectives stated in the service organization's description of its system were suitably designed throughout the specified period; and
    c  The controls related to the control objectives stated in the service organization's description of its system operated effectively throughout the specified period; and
III A service auditor's assurance report that:
    a  Conveys reasonable assurance about the matters in (II) a-c above; and
    b  Includes a description of the tests of controls and the results thereof.

The Service Organization is responsible for documenting:
- The service organization's description of its system;
- A written assertion by the service organization that, in all material respects, and based on suitable criteria:
  1  The description fairly presents the service organization's system as designed and implemented throughout the specified period;
  2  The controls related to the control objectives stated in the service organization's description of its system were suitably designed throughout the specified period; and
  3  The controls related to the control objectives stated in the service organization's description of its system operated effectively throughout the specified period.

The Service Auditor is responsible for:
- An opinion as to whether the Service Organization's description of its controls presents fairly those controls that have been placed in operation as of the end of the reporting period;
- An opinion as to whether the service organization has identified the risks that threaten achievement of the control objectives stated in the description of its system, and whether the controls identified in that description would, if operated as described, provide reasonable assurance that those risks do not prevent the stated control objectives from being achieved;
- Other information the Service Auditor may provide.

For a Type 2 report, the Service Auditor is additionally responsible for:
- An opinion that the controls that were tested are operating with sufficient effectiveness to provide reasonable, but not absolute, assurance that the control objectives were achieved for the audit period;
- Determining which controls are, in his or her judgment, necessary to achieve the control objectives, and the nature, timing and extent of the tests of the selected controls;
- A description of the tests of operational effectiveness of controls and the results of those tests.

BDO'S APPROACH & FRAMEWORK
BDO's approach to a Service Auditor's Report engagement includes providing a team of professionals who specialize in internal controls and in technology risk and security. We believe this provides your organization with the highest-quality and most cost-effective Service Auditor's Report.

THE SOLUTION
Our approach has always been to develop a unique solution for each client.

Readiness Assessment
A readiness assessment is an evaluation of a client's readiness for a successful Type 1 or Type 2 Service Auditor's Report audit. The assessment also determines the needs of the client and the road map to a successful project. This type of engagement answers questions such as:
- Does the client need a Service Auditor's Report?
- What are the major stumbling blocks to achieving a successful Service Auditor's Report?
- What are the costs of such an engagement, and how can these costs be minimized?
- What other alternatives does the client have?
- When is the earliest that a Service Auditor's Report could be successfully executed?
- Who will draft the control objectives, control descriptions and other aspects of the report?
- Best practices

Specified Audit Procedures
Periodically, the execution of a specified-procedures report can be a less costly alternative. This report provides third-party verification or comfort that procedures or processes at the organization are working as intended. The scope of these engagements can be limited. To achieve this, the engagement focuses on key risks or processes and might not cover all concerns of existing or potential clients as a Service Auditor's Report would.

Type 1 or Type 2 Service Auditor's Report
As outlined earlier, this provides independent verification, either at a specific point in time or over a period of time, that internal controls are in place to achieve specific objectives.

An Independent Review of Internal Controls
This review is conducted in accordance with international standards set by IFAC and the Institute of Internal Auditors (IIA). It provides management with an assessment of the design and operational effectiveness of controls in meeting the operating, reporting and compliance objectives set by the organization.

SERVICE AUDITOR'S REPORT TERMINOLOGY
User Organization: An entity that has engaged a Service Organization for a service.
User Auditor: The auditor who reports on the financial statements of the User Organization.
Service Organization: An entity that provides services to a User Organization.
ISAE 3402: International Standard on Assurance Engagements number 3402 is an internationally accepted audit standard from the International Federation of Accountants (IFAC). The format of the report is fixed and gives detailed information about the internal controls.
Service Auditor: The auditor who reports on and tests the controls of a Service Organization.
Service Auditor's Report: An independent report issued by a Service Auditor on the internal controls of a Service Organization.
TPM (Third Party Announcement): The format of a third party announcement is not prescribed, as that of a SAS 70 report is.
Third Party Certification: A procedure by which a third party (an independent auditor) gives written assurance that a product, process or service conforms to specified requirements over a period of time.

THE AUDIT PROCESS
The general steps within a Service Auditor's Report process follow the traditional audit approach but may differ based on the Service Organization's current control environment. A typical engagement would include:
1  Consulting with management and involved parties to gain an understanding of the Service Organization's business processes, risks, control environment and control components.
2  Providing guidance to management on the adequacy of their risk assessment, control objectives and controls as they relate to their environment and their respective industry, prior to testing.
3  Performing on-site testing at various points in time during the reporting period to determine the effectiveness of the controls placed in operation and, for Type 2 reports, the operational effectiveness of those controls. Testing typically includes inquiry, inspection of documents and records, and observation of activities. The extent of testing will vary depending on the scope of the report (including the Type and the period covered).
4  Preparing a draft report to be reviewed by the Service Organization for accuracy and completeness of the details.
5  Delivering a management letter to senior management for any control deficiencies uncovered during the course of the audit.
6  Issuing the Service Auditor's Report in hardcopy and electronic format.

SUPPORTIVE IT STRATEGIES
At BDO, you can rely on professionals who understand information technology risks and rewards and the alignment of IT with business objectives.

AUDIT FRAMEWORK
With our experience in preparing Service Auditor's Reports, we have developed an efficient approach that reduces your time commitment. You receive a complete Service Auditor's Report that covers the requirements of your clients, their auditors and other regulatory bodies. We can also provide you with observations to improve your internal controls and operational efficiencies. The following is the framework and approach followed by BDO in completing Service Auditor's Report engagements:

BDO ADVANTAGE
- Boutique-level responsiveness: We tailor our approach, not just our deliverables.
- Pragmatic methodology: Our customized, flexible methodology enables us to step in at any stage.
- Experienced professionals: Our team includes experienced professional staff with a balanced mix of CA firm, IT and industry experience.
- CA firm perspective: As a public accountant, we have a deep understanding of and sensitivity to your external auditor's requirements.

FREQUENTLY ASKED QUESTIONS

What is Sarbanes-Oxley 404 and how does it relate to ISAE 3402 reporting?
In July 2002, the United States Congress passed the Sarbanes-Oxley Act ("the Act") into law. The Act calls for the formation of a Public Company Accounting Oversight Board (PCAOB) and specifies several requirements, including management's annual assertion that internal controls over financial reporting are effective (Section 404). In the case of Section 404, the independent auditor of the organization is required to opine on management's assertion over internal control in addition to the auditor's opinion on the fair presentation of the organization's financial statements.

In order for management to make its annual attestation on the effectiveness of its internal control, management is required to document and evaluate all controls. Management will look to the Service Organization for information on the design and operational effectiveness of its controls if the organization uses the service provider to process transactions, host data or provide other significant services. Management can obtain a Service Auditor's Report from the Service Organization to gain an understanding of the Service Organization's controls and the effectiveness of those controls, and to derive the required assurance.

REGISTERED TO SERVE YOU
Public accountants like BDO's must register with the Autoriteit Financiële Markten (AFM) and the International Federation of Accountants (IFAC). Registered EDP Auditors from BDO are subject to the boards' regulations and must submit to their inspection rules. In addition, they are registered with NOREA (the professional association for IT auditors in the Netherlands) and must comply with the NOREA Code of Ethics.

Who can perform a Service Auditor's Report?
Service Auditor's Reports can only be performed by independent registered auditors. Professional audit firms that issue Service Auditor's Reports must adhere to specific professional standards established by IFAC or the American Institute of Certified Public Accountants (AICPA). Firms are required to follow specific guidance related to planning, execution and supervision of the audit procedures. In addition, firms are required to undergo a peer review to ensure that the firm's audits are conducted in accordance with generally accepted auditing standards.

Is there a list of standard risks, control objectives and controls?
Since Service Organizations are responsible for assessing their risks, defining their control objectives and describing their controls, there is no published list of standard control objectives and controls. Generally, the control objectives are specific to the Service Organization and its customers. A Service Organization may consult with its Service Auditor for guidance on the control objectives.

What are the differences between Type 1 and Type 2 ISAE 3402 audits?
Type 1 ISAE 3402 audits opine on controls that are in place as of a date in time. The opinion deals with the fairness of presentation of the controls and with the design of the controls in terms of their ability to meet defined control objectives. In addition, the auditor assesses whether the service organization has identified the risks that threaten achievement of the control objectives stated in the description of its system. Since these reports only provide assurance as of a single day, they are of limited value to third parties.

Type 2 ISAE 3402 audits opine on controls that were in place over a period of time, typically six months or more. The opinion deals with the fairness of presentation of the controls, the design of the controls with regard to their ability to meet defined control objectives, and the operational effectiveness of those controls over the defined period. Third parties are better able to rely on these reports because verification is provided regarding these matters for a substantial period of time.

Does the entire organization have to be audited?
No. The Service Auditor's Report is risk-based and should focus on the control environment surrounding the services provided to customers. The Service Auditor's Report can be customized to specifically identify the applicable data centers, operating environments and applications that are covered in the audit. An organization may have many business units while only one of them processes transactions or provides data processing services for its customers.

How are Service Auditor's Reports generally distributed?
The result of an ISAE 3402 audit engagement is the issuance of a Service Auditor's Report. The Service Auditor's Report is then provided to the Service Organization for distribution to its respective customers (User Organizations), User Auditors and other parties. The Service Auditor's Report is usually distributed in hard copy or electronically.

MORE INFORMATION
As part of our value-added service, BDO offers a complimentary needs and requirements assessment. This provides you with an opportunity to identify and review your risk advisory requirements with our team of professionals.

CALL US, SEE WHAT WE CAN DO
We encourage you to contact us to learn more about our services and to meet our team.
BDO Audit & Assurance B.V., Central Office: phone +31 (0)88 BDO IT AC (088-236 48 22), e-mail it@bdo.nl, www.bdo.nl/ras

BDO PROFILE
- 27 offices in the Netherlands
- BDO Member Firms have more than 1,000 offices in over 100 countries
- 5th largest accounting and advisory network worldwide

Choose a partner who sees things differently.

WWW.BDO.NL

COLOPHON
This publication has been carefully prepared, but it has been written in general terms and should be seen as broad guidance only. The publication cannot be relied upon to cover specific situations, and you should not act, or refrain from acting, upon the information contained therein without obtaining specific professional advice. Please contact BDO Audit & Assurance B.V. or BDO Risk Advisory Services to discuss these matters in the context of your particular circumstances. BDO Audit & Assurance B.V. or BDO Risk Advisory Services, its partners, employees and agents do not accept or assume any liability or duty of care for any loss arising from any action taken or not taken by anyone in reliance on the information in this publication or for any decision based on it.

BDO is a registered trademark owned by Stichting BDO, a foundation established under Dutch law, having its registered office in Amsterdam (the Netherlands). In this publication BDO is used to indicate the organisation which provides professional services in the field of accountancy, tax and consultancy under the name BDO. BDO Risk Advisory Services is a registered trade name owned by BDO Consultants B.V. in Eindhoven, The Netherlands. BDO Audit & Assurance B.V. and BDO Consultants B.V. are members of BDO International Ltd, a UK company limited by guarantee, and form part of the worldwide network of independent legal entities, each of which provides professional services under the name BDO. BDO is the brand name for the BDO network and for each of the BDO Member Firms.

04/2011 - IT1101