Third party assurance services

Drive performance with a strong third party assurance program

Leveraging third parties to perform core and non-core functions in an organization’s extended enterprise is playing a vital role in helping companies increase their efficiency and drive performance. As a result, outsourcing has evolved into a strategic business practice and outsourced service providers (OSPs) can have more of an impact on their clients’ internal control framework, including their financial reporting and compliance requirements.

Optimizing third party assurance reporting

This increased reliance on OSPs—and the critical role that they can play in their clients’ business—has led to an increase in demand for third-party assurance programs. A multidirectional approach is required to manage these complex relationships because of the global nature, risks, and industry regulations associated with outsourcing. Third-party assurance reporting can help OSPs clearly define, assess, and communicate their approach to their clients.

Since the circumstances around each OSP relationship are unique, a leading OSP process leverages a tailored reporting approach that uses multiple reporting methods. By taking the necessary steps to identify the need for third-party assurance reporting and the appropriate reporting type, the OSP (and the associated users) can help ensure that their risk and compliance needs are addressed. Anticipating and managing these multiple risks is vital to effective third-party relationships.

​A measured approach for third party assurance reporting optimization

For large, complex service organizations, a thoughtful approach to assurance can save time, money, and lead to more satisfied clients and prospects. Deloitte helps clients optimize their third-party reporting by establishing a process that drills into understanding, operationalizing, enhancing and continuously monitoring their third-party assurance approach.

The Deloitte difference

Deloitte conducts independent assessments of an organization’s control procedures to establish if existing controls/processes meet management objectives and to demonstrate controls to customers and their auditors through reporting and integrated requirements.

Our services provide value by helping clients with:

  • Reporting and audit requirements: SOC 1, 2, and 3 reports (based on SSAE 16, ISAE 3402, and AT101 guidance); Custody Rule; Agreed upon Procedures (AUP); AT101 audits
  • Minimizing audit requests: Third-party services can reduce the number of requested audits over the service organization’s internal controls by different customers and their auditors.
  • Third-party assurance: Assurance and trust services can also provide management with a level of assurance over business and/or IT controls through control testing, contract risk and compliance, continuous monitoring, and readiness.

To learn more about how Deloitte can help your organization, click Next Steps to the right and contact us for more information.

Deloitte means Deloitte & Touche LLP, a subsidiary of Deloitte LLP