A Service Auditor’s Report is used by a service organization to convey to its clients the extent of internal control systems which are in operation.

Businessman presses button internal control on virtual screens. Business, technology, internet and networking concept.

 The Canadian Standard on Assurance Engagements (CSAE 3416)  allows auditors to issue a service Auditor’s Report regarding whether described controls:

  • are presented fairly,
  • are suitably designed to achieve the control objectives, and
  • whether they are operating effectively (Type 2 report).


The following is a sample list of organizations which may be required to produce this type of audit report:​

  • Payroll service providers,
  • Claims processors,
  • Benefits administrators,
  • Third party administrators,
  • Data centres,
  • Application service providers (ASPs), and
  • Outsourced IT departments

(This is not an exhaustive list)

At Edward & Manning, we have many years of experience evaluating internal controls and providing service auditor reports.   If you have been asked to provide or believe your company could benefit from this type of audit report please contact us.  As auditor we not only provide the service audit report but we also provide value added advise on areas of efficiency and improvements in internal control.