• PRESS ROOMPUBLIC AREA
• STUDENTSCANDIDATES
• CONTACT USFIND A CPA
• HELPADVERTISE
• SEARCH SITE
  
• 901 Dulaney Valley Road | Suite 710 | Towson MD 21204 | 800.782.2036

• January / February
• March / April
• May / June
• July
• August
• September
  • Moving to paperless forms, part 1
  • Human resources: Fill their minds and grab their hearts
  • CPA SysTrustsm: A new service opportunity for CPAs
  • Taxing issues: E-commerce sales and use tax
• October
• November
• December

CPA SysTrustsm: A new service opportunity for CPAs

The situation

As more organizations become dependent on information technology to run their businesses, produce products and services, and communicate with customers and business partners, it is absolutely critical that their systems be secure, available when needed, and consistently able to produce accurate information. An unreliable system can start a chain of business events that negatively affect the company, its customers, suppliers, and business partners. In line with the mandate of the CPA Vision for new assurance and technology based services, the AICPA and the Canadian Institute of Chartered Accountants (CICA) have introduced a new professional service — CPA SysTrust — in which CPAs provide assurance that a system is, in fact, reliable.

An unqualified SysTrust report means that the business’ system is reliable; it is capable of operating without material error, flaw or failure during a specified period of time in a specified environment. Part of a broader vision to supply real-time assurance on informational databases and systems, CPA Systrust is designed to increase the comfort of management, customers, and business partners with the systems that support a business.

Developed under the attestation standards, SysTrust is a service in which the CPA performs procedures to determine whether the controls over a system are sufficient to enable it to function reliably. The SysTrust service will help differentiate entities from their competitors because businesses that undergo the rigors of a SysTrust engagement presumably will be better service providers — attuned to the risks posed by their environment and equipped with controls that address those risks.

Importance to members

CPA SysTrust is a lucrative revenue opportunity for CPAs who are willing to expand their practices by providing technology-related assurance and consulting services to their clients. CPAs are singularly qualified as independent assurance providers to furnish businesses and their customers with the comfort they need to compete in today’s marketplace.

The business and professional experience needed for assurance engagements — the most common of which is the audit — are the same key attributes that enable CPAs to comprehensively and objectively assess the risks and controls associated with systems reliability. As a matter of fact, CPAs already possess most of the essential skills needed to conduct an effective evaluation of controls. With some additional training, practitioners can enhance these skills to provide valuable SysTrust services to their clients. SysTrust, along with other assurance services, is an opportunity for CPAs to leverage their competencies for success in the 21st century.

Committee involved

The SysTrust service was developed by the AICPA Assurance Services Executive Committee (ASEC) and the CICA Assurance Services Development Board (ASDB). In addition, an AICPA/CICA Systems Reliability Task Force was formed to oversee this new initiative. AICPA professional staff supporting these committees includes: Anthony J. Pugliese, Director of Assurance Services; Erin P. Mackler, Technical Manager of Assurance Services; and Judith M. Sherinsky, Technical Manager, Audit and Attest Standards.

Essential principles of a reliable system

SysTrust uses the following four principles to evaluate whether a system is reliable:

• Availability: Does the system operate and provide information in accordance with its own specified requirements? Is the system accessible for routine processing and maintenance?
• Security: Is the system protected against unauthorized physical and logical access? Logical access is the ability to read or manipulate data through remote access. Restricting system access helps prevent potential abuse of system components, theft of system resources, misuse of system software and improper access to and use of information.
• Integrity: Does the system process the information it receives completely, accurately, in a timely manner and in accordance with the required authorization?
• Maintainability: Can the system be updated to provide continued availability, security and integrity?

For each of these principles, criteria for a system evaluation have been established and are included in the publication, AICPA/CICA SysTrust Principles and Criteria for Systems Reliability, Version 1 (paperbound: #060465, member price, $14.50; or CD-ROM: #060466, member price $14.50). This publication includes the SysTrust licensing agreement. The paperbound publication is also included in two CPE self-study courses.

For more information, contact the AICPA Membership Satisfaction Center at (888) 777-7077, or e-mail the team at memstat@aicpa.org.

HOME | HELP | RSS | DRIVING DIRECTIONS | SPONSOR | PRIVACY POLICY | SEARCH | SITE MAP
© Copyright 2010 Maryland Association of Certified Public Accountants, Inc. All Rights Reserved.