規制に関するガイダンス

Confirmation.com helps auditors comply with auditing standards and requirements

Learn how Confirmation.com complies with each of the governing bodies.

AICPA

AU-C Section 500: Audit Evidence

ガイダンスHow Confirmation.com complies
外部確認
.A18  外部確認とは、監査人が第三者(確認者)から監査人に対する書面での直接回答として紙媒体または電子媒体等で監査人が取得した監査証拠を指します。
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Reliability
.A32
While recognizing that exceptions may exist, the following generalizations about the reliability of audit evidence may be useful:
  • The reliability of audit evidence is increased when it is obtained from independent sources outside the entity.
  • 監査人によって直接取得された監査証拠は、間接的または推論によって取得された監査証拠よりも信頼性が高くなります。
  • 紙、電子などの媒体を問わず、文書形式の監査証拠は口頭で入手した証拠よりも信頼性が高くなります。

Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.

Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

AU-C Section 505: External Confirmations

ガイダンスHow Confirmation.com complies
適切な確認回答者の選択
.A3 Responses to confirmation requests provide more relevant and reliable audit evidence when confirmation requests are sent to a confirming party who the auditor believes is knowledgeable about the information to be confirmed.
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Reliability of Responses to Confirmation Requests
.A15
An electronic confirmation system or process that creates a secure confirmation environment may mitigate the risks of interception or alteration. Creating a secure confirmation environment depends on the process or mechanism used by the auditor and the respondent to minimize the possibility that the results will be compromised because of interception or alteration of the confirmation.
Uses the highest level of security to ensure privacy and data integrity. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

Practice Alert 03-1: Audit Confirmations

ガイダンスHow Confirmation.com complies
.19 If the auditor is satisfied that the electronic confirmation process is secure and properly controlled, and the confirmation is directly from a third party who is a bona fide authorized respondent, electronic confirmations may be considered as sufficient, valid confirmation responses. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service. Uses the highest level of security to ensure privacy and data integrity. Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.

PCAOB

AU Section 330: The Confirmation Process

ガイダンスHow Confirmation.com complies
Respondent
.27
The auditor should consider whether there is sufficient basis for concluding that the confirmation request is being sent to a respondent from whom the auditor can expect the response will provide meaningful and appropriate audit evidence.
Confirmation.com uses a unique authentication and authorization process to verify the authenticity of each user. By sending a request to a validated responder, you eliminate the burden of having to verify the identity of the respondent and whether or not they are authorized to respond.
Performing Confirmation Procedures
.29
During the performance of confirmation procedures, the auditor should maintain control over the confirmation requests and responses. Maintaining control means establishing direct communication between the intended recipient and the auditor to minimize the possibility that the results will be biased because the interception and alteration of the confirmation requests or responses.
Uses the highest level of security to ensure privacy and data integrity. Allows an auditor to send audit confirmation requests directly to the intended responder. Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

AU Section 326: Audit Evidence

ガイダンスHow Confirmation.com complies
Sufficient Appropriate Audit Evidence
.08 Audit evidence is more reliable when it is obtained from knowledgeable independent sources outside the entity.
Undergoes SOC 1, SOC 2 and SOC 3 examinations every six months, and has received an ISO 27001 certification of its Confirmation.com service.

ISA

ISA - ISA 505: External Confirmations

ガイダンスHow Confirmation.com complies
Para 6(a) Definition: External Confirmation
監査人が第三者(確認者)から監査人に対する書面での直接回答として紙媒体または電磁的媒体等で監査人が取得した監査証拠。
Confirmation.com enables auditors to receive audit confirmations electronically. Responses are prepared by authorized bank officials based on the auditor's request. Use of Confirmation.com meets the requirements of an ‘External Confirmation’.
Para 7 Maintaining control
外部確認手続を使用する場合、監査人は外部確認依頼に対する管理を維持するものとします。
Auditors keep complete control over the process, including client and accounts setup, requesting client authorization and the sending and receipt of confirmations.
A2 Selecting the appropriate confirming party
監査確認依頼で必要な情報を把握していると考えられる人物が依頼状を送信する場合、確認依頼に対する返答で監査証拠の信頼性と関連性が高くなります。例えば、確認の依頼先となる金融機関で確認対象となる取引や取り決めに精通している金融機関の職員が、確認依頼状を送付するのに最適な人物と言えるでしょう。
Participating banks have strict user access controls and monitoring procedures in place to ensure that only authorized bank officials respond to audit requests through Confirmation.com.
A6 Validating addresses
依頼の宛先が適切かどうかを判断するには、依頼を送信する前に確認依頼の一部、またはすべての宛先に送信可能か確かめる方法もあります。
We validate all entities participating in the Confirmation.com network. The controls surrounding this process are included in our SOC 1 report that is issued every six months as part of our controls audit. By relying on our validation procedures, you avoid the need to perform your own validation procedures.
A12 Electronic responses
ファクシミリや電子メールなど電磁的方法で受信する回答では、回答者の出所証明や権限の証明が難しく、改ざんの検出が難しい場合があるため、信頼性に関するリスクが伴います。電磁的方法で安全に回答を受信する環境を構築し、監査人と回答者がこれを使用することで、こうしたリスクを軽減できる可能性があります。こうしたプロセスが安全であり、監査人が適切に管理されていると判断した場合は、関連する回答への信頼性が高まります。電子的確認プロセスには、暗号化、電子デジタル署名、ウェブサイトの真正性を確認する手順など、電磁的方法による情報送信者の身元を検証するためのさまざまな技術が組み込まれています。

Confirmation.com's operates industry-leading information security and data privacy practices. We have procedures and controls in place to ensure the integrity, confidentiality and accessibility of data. We undergo third-party audits to demonstrate the effectiveness of our controls:

  • SOC 1, SOC 2 and SOC 3 examinations every six months.
  • Received an ISO27001 certification of the Confirmation.com service.
  • TRUSTe data privacy and EU Safe Harbor certification.
A13 Involvement of third parties
確認回答者が、確認依頼に対する回答を調整し提供するために第三者を利用している場合、監査人は、(a)回答が適切な情報源からのものでないリスク、(b)回答者に回答の権限が付与されていないリスク、(c)伝送の完全性が損なわれているリスクにそれぞれ対処するための手続を実施することができます。
Confirmation.com's control environment ensures that user access if controlled and monitored at the banks, and that transmission of data is secure and maintains integrity. Our controls reports outlined above demonstrate the effectiveness of these procedures.
Para 12 Non-responses
それぞれにつき回答が得られない場合、監査人は代替の監査手順を実行して、関連性のある信頼性の高い監査証拠を入手するものとします。
Confirmation.com guarantees responses for In-Network confirmations, avoiding the need for alternative procedures.

 

 

 

One platform for all your audit confirmations

Auditors send millions of requests worldwide to their clients' banks, law firms and suppliers. Online confirmations make this process simple.

  • Access our server from anywhere
  • Protect your clients against fraud
  • Receive fast turnarounds on confirmations
  • Easy-to-use interface
  • Access our server from anywhere
  • Protect your clients agains fraud
  • Receive fast turnarounds on confirmations
  • Confirmation types
    Start seeing the benefits of fast turnarounds, smart online security, and continued success.
    An investment that's worth it
    $0.00 per month
    By registering as an auditor, you'll receive the highest access to our services
    Get Started Today