Question

Many companies use outside payroll services to process payroll. Which of the following regarding the auditor's responsibilities is most correct regarding their reliance on the internal controls of these outside payroll services?

1) Must
2) Cannot
3) Rarely
4) Can often

Answer 1

An auditor can often rely on internal controls of outside payroll services but must still evaluate the effectiveness of these controls through understanding or reports such as a SOC 1 report.

Step-by-step explanation:

When an auditor is assessing a company's use of outside payroll services, their responsibilities concerning reliance on the internal controls of these services can often be significant. The auditor has the responsibility to obtain an understanding of the service organization's controls as it relates to the processing of transactions that affect the financial statements of the company being audited. If the service organization has a report on the operating effectiveness of its controls (such as a SOC 1 report), the auditor can often use this report as part of their evidence when assessing control risk. However, the auditor must still perform their own evaluation of these controls to determine the extent to which they can be relied upon.