The client
A fast-growing and award-winning SaaS (Service as a Software) company which is headquartered in London. The Client also has offices in the US and provides cloud-based Professional Services Automation (PSA) software solutions to professional services organizations around the world.
The work
The Client engaged us to perform ISAE 3402 and SSAE 18 Type II audits in accordance with the relevant standards to provide assurance to its clients over the controls it operates as a service organisation. The controls covered the full spectrum of activities involved in the delivery of the Client’s services to clients including the software development lifecycle.
How we helped
Our experienced business risk and information security consultants audited the process controls by applying the most efficient methodology in accordance with the requirements of AICPA and relevant ICAEW guidance. The testing covered both business and information technology controls.
Our consultants continuously challenged the in-scope internal controls to ensure that they were relevant and addressed financial reporting risks. The Client was kept informed of our audit findings and all exceptions noted during the course of the audit. We discussed with the client our assessment of the materiality of the exceptions identified on controls testing and the potential impact on the audit opinion.
Value added
Our specialists went beyond the scope of the ISAE 3402 and SSAE 18 audit and advised the Client on pragmatic enhancements to develop the controls, governance and oversight framework to be commensurate with the size and complexity of the organisation while also addressing the immediate emerging risks.