WebTrust is the accounting profession's answer to concerns relating to electronic commerce. Although well known as a professional service offered exclusively by accounting firms, AICPA members in industry can benefit also. The reason is, WebTrust is based on Trust Services Principles and Criteria, which constitute professional guidance as well as serving as best practices for electronic commerce. Using these principles and criteria—either separately or in combination—CPAs can offer a range of advisory and assurance services to help either clients or employers address the following customer needs:

·         Security: Is the system secure? The CPA determines whether the system is protected against unauthorized access (both physical and logical).

·         Privacy: Is customers' private information appropriately handled? The CPA determines whether private information obtained as a result of electronic commerce is collected, used, disclosed and retained as committed or agreed.

·         Availability: Is the system available as agreed upon? The CPA determines whether the system is available for operation and use as committed or agreed.

·         Confidentiality: Is customers' confidential information appropriately handled? The CPA determines whether business information designated as confidential is protected as committed or agreed.

·         Processing Integrity: Are transactions processed correctly? The CPA determines whether processing is complete, accurate, timely and authorized.

Using these Principles as a guide, AICPA members can:

·         Evaluate a company against well-developed criteria and best practices. Any deficiencies can be diagnosed at an early stage.

·         Use the Principles and Criteria to "build in" appropriate controls from the start.

·         Provide assurance. Public practitioners can offer independent verification, which the company can use to assure customers. AICPA members in industry can provide internal assurance to management and even the Board of Directors that the system meets high standards.

WebTrust can be applied to a number of different needs for an e-commerce business. As such, several branded service offerings have been developed under WebTrust, including WebTrust for Online Privacy, WebTrust for Consumer Protection, and the WebTrust for Certification Authorities, a program designed for issuers of digital certificates.

Why Should I Get Involved in WebTrust?

As e-commerce has evolved as simply one element of an overall business model, often in the form of a distribution channel, the needs of the business community have evolved. Many of these needs apply specifically to the online environment—concerns around security, privacy, system availability, and consumer protection. The market has also shown that there is demand for universal standards or best practices that will help set the level against which businesses can be measured for performance. The Trust Service Principles and Criteria can meet this need.

E-commerce businesses and their customers perceive risks in doing business over the Internet. Numerous studies over the past few years have shown that fraud, privacy, security, and even poor execution of order fulfillment can stymie growth in these businesses.

As a result of these risk factors, CPAs can provide the guidance and best practices necessary for e-commerce businesses to reach their full potential and build trust and confidence among their customers and business partners. CPAs have the proper training and skills, drawing upon over 100 years of experience in providing assurance around information, to help build the necessary confidence and trust.

WebTrust creates new revenue opportunities for CPAs in public practice, whether for advisory or assurance level work. WebTrust can also help differentiate a CPA firm in order to attract and retain talented staff in an increasingly competitive labor market. And members in industry have benefited by using the best practices in a corporate setting.