FAQ
FAQ’s
Are we required to interact with auditors, and do they have to interview someone at the company to meet AICPA peer review requirements? If so, how does a low-touch audit service work?

Are we required to interact with auditors, and do they have to interview someone at the company to meet AICPA peer review requirements? If so, how does a low-touch audit service work?

In a conventional audit, communication between the auditor and the company would include all of the following aspects: creating system descriptions, understanding the evidence provided, and ensuring that the documents are in agreement with the system description. These evidence and documents must also be cataloged per the auditor’s Information Request List (IRL). The process involves consultations and interviews with company representatives in order to assure that the auditor understands the significance of evidence submitted against each requirement.

This is made easier by Sprinto’s low-touch auditor service and automated evidence collection. Information, including system descriptions and pieces of evidence, is directly available on the platform from Sprinto for audit purposes. The auditor may collaborate with your organization on an independent dashboard and check all the evidence mapped to compliance requirements in one place. The necessity for detailed conversations between the auditor and the company is also cut down.

It is important to note that auditors will still require a management assertion from the company. A management assertion is a formal document stating that the claims made by the organization and the information availed are accurate and reliable. While most of the audit process can be approached through the platform, some auditors may still hold interviews with primary stakeholders so as to elicit some clarification on specific issues or matters.

With Sprinto, during such sessions, the team is always there to be of assistance and support such a meeting with the stakeholders involved with your organization. In turn, all questions pertinent from the auditors will be addressed effectively and accurately while maintaining the integrity of the audit process being handled without heavy manual efforts on your team.

Overall, Sprinto’s zero-touch audit service significantly reduces the manual interactions traditionally required while still adhering to necessary audit standards and requirements set by the AICPA.

Was this article helpful?

How can we improve this article?

Related questions

  • Which is the latest version of the PCI DSS compliance?
  • What is the current version of ISO 27001?
  • What is PCI DSS compliance verification?
  • What are PCI DSS compliance milestones?
  • What are the three steps of PCI compliance?
  • What are the functions of PCI?
  • How often must PCI DSS compliance be validated?
  • What is required for PCI DSS compliance?
  • How to reduce PCI DSS cost?
  • Does ISO 27001 require MFA?

Found this useful?

Get SOC 2 compliance
ready in 4 weeks!

Try Sprinto

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales