Directrices normativas

Confirmation.com helps auditors comply with auditing standards and requirements

Learn how Confirmation.com complies with each of the governing bodies.

AICPA

AU-C Section 500: Audit Evidence

OrientaciónHow Confirmation.com complies
Circularizaciones externas
.A18
Una circularización externa representa una prueba de auditoría obtenida por el auditor como respuesta escrita directa a este de un tercero (la parte confirmante) en papel o por medios electrónicos o de otro tipo.
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Reliability
.A32
While recognizing that exceptions may exist, the following generalizations about the reliability of audit evidence may be useful:
  • The reliability of audit evidence is increased when it is obtained from independent sources outside the entity.
  • Las pruebas de auditoría obtenidas directamente por el auditor son más fiables que las obtenidas indirectamente o por inferencia.
  • La prueba de auditoría en forma documental, ya sea en papel, electrónica u otro medio, es más fiable que la prueba obtenida por vía oral.

Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.

Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

AU-C Section 505: External Confirmations

OrientaciónHow Confirmation.com complies
Seleccionar la parte confirmante adecuada
.A3 Responses to confirmation requests provide more relevant and reliable audit evidence when confirmation requests are sent to a confirming party who the auditor believes is knowledgeable about the information to be confirmed.
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Reliability of Responses to Confirmation Requests
.A15
An electronic confirmation system or process that creates a secure confirmation environment may mitigate the risks of interception or alteration. Creating a secure confirmation environment depends on the process or mechanism used by the auditor and the respondent to minimize the possibility that the results will be compromised because of interception or alteration of the confirmation.
Uses the highest level of security to ensure privacy and data integrity. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

Practice Alert 03-1: Audit Confirmations

OrientaciónHow Confirmation.com complies
.19 If the auditor is satisfied that the electronic confirmation process is secure and properly controlled, and the confirmation is directly from a third party who is a bona fide authorized respondent, electronic confirmations may be considered as sufficient, valid confirmation responses. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service. Uses the highest level of security to ensure privacy and data integrity. Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.

PCAOB

AU Section 330: The Confirmation Process

OrientaciónHow Confirmation.com complies
Respondent
.27
The auditor should consider whether there is sufficient basis for concluding that the confirmation request is being sent to a respondent from whom the auditor can expect the response will provide meaningful and appropriate audit evidence.
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Performing Confirmation Procedures
.29
During the performance of confirmation procedures, the auditor should maintain control over the confirmation requests and responses. Maintaining control means establishing direct communication between the intended recipient and the auditor to minimize the possibility that the results will be biased because the interception and alteration of the confirmation requests or responses.
Uses the highest level of security to ensure privacy and data integrity. Allows an auditor to send audit confirmation requests directly to the intended responder. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

AU Section 326: Audit Evidence

OrientaciónHow Confirmation.com complies
Pruebas de auditoría suficientes y adecuadas
.08 Audit evidence is more reliable when it is obtained from knowledgeable independent sources outside the entity.
Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

ISA

ISA - ISA 505: External Confirmations

OrientaciónHow Confirmation.com complies
Definición del párrafo 6(a): Confirmación externa
Pruebas de auditoría obtenidas como respuesta escrita directa al auditor por parte de un tercero (la parte confirmante), en papel o por medios electrónicos o de otro tipo.
Confirmation.com enables auditors to receive audit confirmations electronically. Responses are prepared by authorized bank officials based on the auditor's request. Use of Confirmation.com meets the requirements of an ‘External Confirmation’.
Párrafo 7: Mantener el control
Al utilizar procedimientos de circularizaciones externas, el auditor mantendrá el control sobre las solicitudes correspondientes.
Los auditores conservan el control total sobre el proceso, incluida la configuración de las cuentas y los clientes, la solicitud de autorización del cliente y el envío y recepción de circularizaciones.
A2 Selecting the appropriate confirming party
Las respuestas a las solicitudes de circularización proporcionan pruebas de auditoría más relevantes y fiables cuando se envían a una parte confirmante que, según el auditor, conoce la información que se va a confirmar. Por ejemplo, un responsable de una institución financiera que conozca las transacciones o los acuerdos para los que se solicita la circularización puede ser la persona más adecuada del organismo a la que solicitar la circularización.
Participating banks have strict user access controls and monitoring procedures in place to ensure that only authorized bank officials respond to audit requests through Confirmation.com.
A6 Validar direcciones
Determinar que las solicitudes tienen la dirección correcta incluye comprobar la validez de algunas o todas las direcciones de las solicitudes de circularización antes de su envío.
We validate all entities participating in the Confirmation.com network. The controls surrounding this process are included in our SOC 1 report that is issued every six months as part of our controls audit. By relying on our validation procedures, you avoid the need to perform your own validation procedures.
A12 Respuestas electrónicas
Las respuestas recibidas electrónicamente, por ejemplo por fax o correo electrónico, implican riesgos en cuanto a su fiabilidad, ya que puede ser difícil establecer la prueba del origen y la autoridad del respondedor, y las alteraciones pueden ser difíciles de detectar. Un proceso utilizado por el auditor y el respondedor que cree un entorno seguro para las respuestas recibidas electrónicamente puede mitigar estos riesgos. Si el auditor tiene la certeza de que dicho proceso es seguro y está debidamente controlado, la fiabilidad de las respuestas correspondientes aumenta. Un proceso de circularización electrónica podría incorporar diversas técnicas para validar la identidad de un remitente de información en formato electrónico, por ejemplo, mediante el uso de cifrado, firmas digitales electrónicas y procedimientos para verificar la autenticidad del sitio web.

Confirmation.com's operates industry-leading information security and data privacy practices. We have procedures and controls in place to ensure the integrity, confidentiality and accessibility of data. We undergo third-party audits to demonstrate the effectiveness of our controls:

  • SOC 1, SOC 2 and SOC 3 examinations every six months.
  • Received an ISO27001 certification of the Confirmation.com service.
  • TRUSTe data privacy and EU Safe Harbor certification.
A13 Participación de terceros
Si una parte confirmante utiliza a un tercero para coordinar y proporcionar respuestas a las solicitudes de circularización, el auditor puede realizar procedimientos para abordar los riesgos de que: a) la respuesta no provenga de la fuente adecuada; b) es posible que el respondedor no esté autorizado a responder; y c) la integridad de la transmisión puede haberse visto comprometida.
Confirmation.com's control environment ensures that user access if controlled and monitored at the banks, and that transmission of data is secure and maintains integrity. Our controls reports outlined above demonstrate the effectiveness of these procedures.
Párrafo 12: Falta de respuesta
En el caso de cada falta de respuesta, el auditor aplicará procedimientos de auditoría alternativos para obtener pruebas de auditoría pertinentes y fiables.
Confirmation.com guarantees responses for In-Network confirmations, avoiding the need for alternative procedures.

 

 

 

One platform for all your audit confirmations

Auditors send millions of requests worldwide to their clients' banks, law firms and suppliers. Online confirmations make this process simple.

  • Access our server from anywhere
  • Protect your clients against fraud
  • Receive fast turnarounds on confirmations
  • Easy-to-use interface
  • Access our server from anywhere
  • Protect your clients agains fraud
  • Receive fast turnarounds on confirmations
  • Confirmation types
    Start seeing the benefits of fast turnarounds, smart online security, and continued success.
    An investment that's worth it
    $0.00 per month
    By registering as an auditor, you'll receive the highest access to our services
    Get Started Today