WebTrust / SysTrust Services

 

WebTrust and SysTrust Services, also known as Trust Services, are an American Institute of Certified Public Accountants (AICPA) defined set of principles and criteria. A licensed CPA firm is engaged to provide assurance that the company’s controls over a defined system meet the Trust Services Criteria for the specific principle(s) being examined.

When a service auditor’s report is not an appropriate method for communicating a company’s controls over certain information technology objectives, a Trust Services (SysTrust/WebTrust) report may be utilized.

Developed by the AICPA and Canadian Institute of Chartered Accountants (CICA), the Trust Services principles and criteria are a defined set of professional attestation and advisory services based on a core set of principles and criteria that addresses the risks and opportunities of IT-enabled systems and privacy programs.

A Trust Services report helps differentiate entities from their competitors by demonstrating to stakeholders that the entities are attuned to the risks posed by their environment and equipped with the controls that address those risks. Therefore, the potential recipients of Trust Services assurance reports are consumers, business partners, creditors, bankers, regulators and outsourcers.

Guiding Principles of Trust Services Reporting

The following principles and related criteria have been developed by the AICPA and the CICA for use by practitioners in the performance of Trust Services engagements:

Security
The system is protected against unauthorized access (both physical and logical).

Availability
The system is available for operation and use as committed or agreed.

Processing Integrity
System processing is complete, accurate, timely, and authorized.

Confidentiality
Information designated as confidential is protected as committed or agreed.

Privacy
Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.

WebTrust / SysTrust Report Deliverable

The successful passing of a Trust Services review results in an online report that is placed on the client’s website through a link issued by the AICPA and CICA which is valid for 12 months from the date of the report. The report should be updated on an annual basis.

For a free phone consultation submit the short form to the right, or call 1-888-702-5446 today.

Industries

We serve start-up companies to Fortune 500 organizations around the world in:

Contact Us Today!

For a free phone consultation complete this short form

*Required fields