Ad Free CAclubindia and Daily Updates on your Mobile. Subscribe Now!

SA 402 Audit Considerations Relating to an Entity Using a Service Organisation

11 March 2023

If a company uses HR payroll software on a subscripttion basis, does that company's subscripttion service need to be classified as a service provided by a service organisation or not? as per SA 402 Audit Considerations Relating to an Entity Using a Service Organisation

Reply
Follow
Share

1 Replies

CA Rakesh Ishi (Working at Private Company) (8202 Points)
Replied 13 March 2023

According to SA 402 - Audit Considerations Relating to an Entity Using a Service Organisation, a service organisation is defined as an entity that provides services to another entity that are part of that entity's information system. The services provided by the service organisation can be relevant to the audit of the user entity's financial statements, and the audit considerations will depend on the nature and significance of the services provided by the service organisation.

Based on this definition, if a company's subscripttion service involves the use of a service organisation to provide services that are part of the company's information system, then the subscripttion service would be classified as a service provided by a service organisation.

For example, if a company uses a third-party cloud service provider to host its customer data and applications, then the cloud service provider would be considered a service organisation, and the subscripttion service would be classified as a service provided by a service organisation. In this case, the audit considerations would include evaluating the controls at the service organisation, and assessing the impact of the service organisation's controls on the company's internal controls.

It's important to note that the determination of whether a subscripttion service involves the use of a service organisation will depend on the specific facts and circumstances of each case. The auditor should obtain sufficient understanding of the company's information system and the services provided by any service organisations to properly evaluate the audit considerations related to the use of a service organisation.