WebTrust Audits / SysTrust Audit Service
WebTrust audits and SysTrust audits service, also known as Trust Services, are an American Institute of Certified Public Accountants (AICPA) defined set of principles and criteria. A licensed CPA firm is engaged to provide assurance that the company’s controls over a defined system meet the Trust Services Criteria for the specific principle(s) being examined.
When a service auditor’s report is not an appropriate method for communicating a company’s controls over certain information technology objectives, a Trust Services (SysTrust audit / WebTrust audit) report may be utilized.
Developed by the AICPA and Canadian Institute of Chartered Accountants (CICA), the Trust Services principles and criteria are a defined set of professional attestation and advisory services based on a core set of principles and criteria that addresses the risks and opportunities of IT-enabled systems and privacy programs.
A Trust Services report helps differentiate entities from their competitors by demonstrating to stakeholders that the entities are attuned to the risks posed by their environment and equipped with the controls that address those risks. Therefore, the potential recipients of Trust Services assurance reports are consumers, business partners, creditors, bankers, regulators and outsourcers.
A WebTrust certification, or WebTrust Seal, is a unique seal of assurance that was developed by the AICPA and CICA in order to diminish the barriers of eCommerce by assuring all online customers that companies selling products online are adhering to the standard business and information practices and disclosures. A WebTrust certification is awarded to websites that complies to the WebTrust Principles and Criteria. A website visitor can view the WebTrust certification and WebTrust Audit Report by clicking on the WebTrust Seal. A-lign CPA’s licensed accountants are qualified to issue WebTrust certifications.
Guiding Principles of Trust Services Reporting
The following principles and related criteria have been developed by the AICPA and the CICA for use by practitioners in the performance of Trust Services engagements:
Security
The system is protected against unauthorized access (both physical and logical).
Availability
The system is available for operation and use as committed or agreed.
Processing Integrity
System processing is complete, accurate, timely, and authorized.
Confidentiality
Information designated as confidential is protected as committed or agreed.
Privacy
Personal information is collected, used, retained, disclosed, and destroyed in conformity with the commitments in the entity’s privacy notice and with criteria set forth in generally accepted privacy principles issued by the AICPA and CICA.
WebTrust Audits / SysTrust Audits Report Deliverables
The successful passing of a Trust Services review results in an online report that is placed on the client’s website through a link issued by the AICPA and CICA which is valid for 12 months from the date of the report. The report should be updated on an annual basis.
For a free phone consultation, please submit the short form to the right, or call 1-888-702-5446 today.