Law Summary
Definitions Relevant to PSA 402
- Service Organization: An external party performing services or processes significant to the client’s financial reporting.
- User Entity: The entity that uses the service organization for certain accounting or transaction processing tasks.
- Auditor: The professional responsible for expressing an opinion on the financial statements of the user entity.
Auditor's Responsibilities
- Obtain an understanding of the nature of services provided by the service organization.
- Evaluate the design and implementation of controls at the service organization relevant to the user entity's financial statements.
- Determine the effect of the service organization on the risk of material misstatement.
- Decide the nature, timing, and extent of further audit procedures needed.
Obtaining Evidence Regarding Controls
- If controls at the service organization are significant, the auditor should obtain evidence by:
- Visiting the service organization.
- Reviewing reports on the service organization's controls (e.g., SSAE 16 or equivalent).
- Other procedures to assess the control environment.
Reporting Considerations
- The auditor should clearly reflect in the audit documentation how the service organization was considered.
- Disclose any limitations or reservations related to reliance on the service organization's controls.
Penalties and Compliance
- While the resolution primarily guides professional auditing standards, non-compliance may lead to professional sanctions by the Board of Accountancy.
- Ensures audit quality and investor protection through adherence to standards.
Important Legal and Professional Concepts
- Emphasizes professional skepticism and due diligence when evaluating service organizations.
- Reflects the integration of international auditing practices into Philippine standards.
- Supports transparency and reliability in financial reporting by addressing third-party service risks.