|
SSAE No. 18
Statement on Standards for Attestation Engagements no. 18 (SSAE No. 18 or SSAE 18) is a Generally Accepted Auditing Standard produced and published by the American Institute of Certified Public Accountants (AICPA) Auditing Standards Board. Though it states that it could be applied to almost any subject matter, its focus is reporting on the quality (accuracy, completeness, fairness) of financial reporting. It pays particular attention to internal control, extending into the controls over information systems involved in financial reporting. It is intended for use by Certified Public Accountants performing attestation engagements, the preparation of a written opinion about a subject, and the client organizations preparing the reports that are the subject of the attestation engagement. It prescribes three levels of service: examination, review, and agreed-upon procedures. It also prescribes two types of reports: Type 1, which includes an assessment of internal control design, and Typ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Generally Accepted Auditing Standards
Generally Accepted Auditing Standards, or GAAS are sets of standards against which the quality of audits are performed and may be judged. Several organizations have developed such sets of principles, which vary by territory. In the United States, the standards are promulgated by the Auditing Standards Board, a division of the American Institute of Certified Public Accountants (AICPA). AU Section 150 states that there are ten standards: three general standards, three fieldwork standards, and four reporting standards. These standards are issued and clarified Statements of Accounting Standards, with the first issued in 1972 to replace previous guidance. Typically, the first number of the AU section refers to which standard applies. However, in 2012 the Clarity Project significantly revised the standards and replaced AU Section 150 with AU Section 200, which does not explicitly discuss the 10 standards.Morris JT, Thomas T. (2011)Clarified Auditing Standards: The Quiet Revolution ''Jo ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Auditing Standards Board
In the United States, the Auditing Standards Board (ASB) is the senior technical committee designated by the American Institute of Certified Public Accountants (AICPA) to issue auditing, attestation, and quality control statements, standards and guidance to certified public accountants (CPAs) for non-public company audits.AICPA Operating Policies, pg. 1 Created in October 1978, it is composed of 19 members representing various industries and sectors, including public accountants and private, educational, and governmental entities. It issues pronouncements in the form of statements, interpretations, and guidelines, which all CPAs must adhere to when performing audits and attestations.Creation of the Auditing Standards Board, AICPA Operating Policies Appendix A, pg. 17, par. 2-6 History Prior auditing standards and authorities The American Institute of Certified Public Accountants has issued guidance to accountants and auditors since 1917, when, at the behest of the U.S. Federal Tra ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Internal Control
Internal control, as defined by accounting and auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization. It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in detecting and preventing fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal controls refers to the actions taken to achieve a specific objective (e.g., ho ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Controls
Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets. In the field of information security, such controls protect the confidentiality, integrity and availability of information. Systems of controls can be referred to as frameworks or standards. Frameworks can enable an organization to manage security controls across different types of assets with consistency. Types of security controls Security controls can be classified by various criteria. For example, controls are occasionally classified by when they act relative to a security breach: *Before the event, preventive controls are intended to prevent an incident from occurring e.g. by locking out unauthorized intruders; *During the event, detective controls are intended to identify and characterize an incident in progress e.g. by sounding the intruder alarm and alerting the security guards or police; *Afte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information System
An information system (IS) is a formal, sociotechnical, organizational system designed to collect, process, store, and distribute information. From a sociotechnical perspective, information systems are composed by four components: task, people, structure (or roles), and technology. Information systems can be defined as an integration of components for collection, storage and processing of data of which the data is used to provide information, contribute to knowledge as well as digital products that facilitate decision making. A computer information system is a system that is composed of people and computers that processes or interprets information. The term is also sometimes used to simply refer to a computer system with software installed. "Information systems" is also an academic field study about systems with a specific reference to information and the complementary networks of computer hardware and software that people and organizations use to collect, filter, process, cr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Certified Public Accountant
Certified Public Accountant (CPA) is the title of qualified accountants in numerous countries in the English-speaking world. It is generally equivalent to the title of chartered accountant in other English-speaking countries. In the United States, the CPA is a license to provide accounting services to the public. It is awarded by each of the 50 states for practice in that state. Additionally, all states except Hawaii have passed mobility laws to allow CPAs from other states to practice in their state. State licensing requirements vary, but the minimum standard requirements include passing the Uniform Certified Public Accountant Examination, 150 semester units of college education, and one year of accounting-related experience. Continuing professional education (CPE) is also required to maintain licensure. Individuals who have been awarded the CPA but have lapsed in the fulfillment of the required CPE or who have requested conversion to inactive status are in many states permitt ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Committee Of Sponsoring Organizations Of The Treadway Commission
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is an organization that develops guidelines for businesses to evaluate internal controls, risk management, and fraud deterrence. In 1992 (and subsequently re-released in 2013), COSO published the ''Internal Control - Integrated Framework,'' commonly used by businesses in the United States to design, implement, and conduct systems of internal control over financial reporting and assessing their effectiveness. History In 1985, COSO began as a private sector initiative to investigate the causal factors that lead to fraudulent financial reporting as a result of a number of accounting scandals in the 1970s and mid-1980s. This initiative was termed the National Commission on Fraudulent Financial Reporting; the first president of the Commission was James C. Treadway, Jr., a former Commissioner of the US Securities and Exchange Commission, and therefore the initiative was commonly called the "Treadway Commission". ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Statement On Auditing Standards No
Statement or statements may refer to: Common uses *Statement (computer science), the smallest standalone element of an imperative programming language * Statement (logic), declarative sentence that is either true or false *Statement, a declarative phrase in language (linguistics) *Statement, a North American paper size of 5 1⁄2 in × 8 in (140 mm × 203 mm), also known under various names such as half letter and memo *Financial statement, formal summary of the financial activities of a business, person, or other entity *Mathematical statement, a statement in logic and mathematics *Political statement, any act or nonverbal form of communication that is intended to influence a decision to be made for or by a group *Press statement, written or recorded communication directed at members of the news media *Statement of Special Educational Needs, outlining specific provision needed for a child in England *Witness statement (law), a signed document recording the evidence given by a pers ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ISAE 3402
International Standard on Assurance Engagements 3402 (ISAE 3402), titled Assurance Reports on Controls at a Service Organization, is an international assurance standard that describes Service Organization Control (SOC) engagements, which provides assurance to an organization's customer that the service organization has adequate internal controls. ISAE 3402 was developed by the International Auditing and Assurance Standards Board ( IAASB) and published by the International Federation of Accountants (IFAC) in 2009. It supersedes SAS 70. and puts more emphasis on procedures for the ongoing monitoring and evaluation of controls. An ISAE 3402 attestation including an audit report is regarded as a quality criterion for service providers that distinguishes them from competitors. It also pays for a customer to contract with a service provider that holds an ISAE 3402 attestation: the auditor of the customer can rely on the attestation of the service organization, resulting in a reduced nec ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ISAE 3000
ISAE 3000 is the standard for assurance over non-historical financial information. ISAE 3000 is issued by the International Federation of Accountants (IFAC). The standard consists of guidelines for the ethical behavior, quality management and performance of an ISAE 3000 engagement. Generally ISAE 3000 is applied for audits of internal control, sustainability and compliance with laws and regulations. ISAE 3402 International Standard on Assurance Engagements 3402 (ISAE 3402), titled Assurance Reports on Controls at a Service Organization, is an international assurance standard that describes Service Organization Control (SOC) engagements, which provides a ... states that assurance engagements should be performed in accordance with the ISAE 3000 standard. ISAE 3000 recognizes two types of reports, a type 1 and a type 2 report. A type 1 report provides assurance on the suitability of design and existence of controls and type 2 report provides assurance on ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SSAE 16
Statement on Standards for Attestation Engagements no. 16 (SSAE 16) is an auditing standard for service organizations, produced by the American Institute of Certified Public Accountants (AICPA) Auditing Standards Board, which supersedes Statement on Auditing Standards no. 70 (SAS 70) and has been superseded by SSAE No. 18. The "service auditor’s examination" of SAS 70 is replaced by a ''System and Organization Controls'' (SOC) report. SSAE 16 was issued in April 2010, and became effective in June 2011. Many organizations that followed SAS 70 have now shifted to SSAE 16. Some service organizations use the SSAE 16 report status to show they are more capable, and also encourage their prospective end-users to make having an SSAE 16 a standard part of new vendor selection criteria. SSAE 16 mirrors the International Standard on Assurance Engagements (ISAE) 3402. Similarly, SSAE 16 has two different kinds of reports. A SOC 1 Type 1 rep ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
