Overview
The new guide for user entities, Third-party risk management – Working with service organizations, discusses the control considerations related to an entity’s use of service organizations for financial reporting purposes, as communicated in the April 2024 Quick reference guide for 2024 audits. The new guide includes recommendations for user entities on working with service organizations effectively and efficiently so the entities can get the information needed to make sure the risks of using these organizations are appropriately addressed for internal control over financial reporting (ICFR) purposes. Although the guide includes references to the SEC and ICFR, its concepts and related tips apply to any entity that uses service organizations.