Information, Articles, Tools, and Useful LinksCommittee Listings, Member Forums, and Find a CITPInformation on AICPA Tech. Conference, Seminars, Webcasts, and ConferencesIT Section Membership Information, CITP Credential Information, Members Only Tools and Communications, and MorePublications, CPE, Conferences, and Webcasts
 
Search
 

Search Options
Infotech Home > Resources > Trust Services

Trust Services

Trust Services (including WebTrust® and SysTrust®) are defined as a set of professional assurance and advisory services based on a common framework (that is, a core set of principles and criteria) to address the risks and opportunities of IT. Trust Services principles and criteria are issued by the Assurance Services Executive Committee of the AICPA.

 

The Trust Services Criteria and Illustrations provide guidance when providing assurance services, advisory services, or both on information technology (IT)-enabled systems including electronic commerce (ecommerce) systems. It is particularly relevant when providing services with respect to security, availability, processing integrity, privacy, and confidentiality. In addition to its valuable guidance for CPAs providing IT advisory or assurance services, the Trust Services Principles are specifically applicable to two AICPA/CICA services—SysTrust and WebTrust.

CPA’s Guide to Successfully Implementing and Marketing Trust Services
IT Section Member
Trust Services help the CPA in public practice and business and technology define the systems, evaluate the controls over those systems, and diagnose solutions to enhance those systems. Learn More>>
What Are WebTrust Services and Why Should I Get Involved?
An overview of the WebTrust(SM) Service that can be offered to clients who want e-commerce assurance. Learn More>>
Marketing WebTrust Services
Helpful tips for CPAs who wish to market WebTrust (SM) Services to their clients. Learn More>>
What Skills Do I Need to Provide WebTrust Services?
CPAs have skills in evaluating evidence, determining the effectiveness of internal controls, and reporting to third parties on the results of the work performed. Learn More>>
Marketing SysTrust Services
Helpful tips for CPAs who wish to market SysTrust® services to their clients. Learn More>>
Getting Started With WebTrust
Find out how to get started providing WebTrust (SM) Services to clients. Learn More>>
What Skills Do I Need to Provide SysTrust Services?
Learn more about the skills that CPAs need to provide SysTrust® services to clients. Learn More>>
Trust Services Principles and Criteria - An Overview
WebTrust® and SysTrust® are based on a common framework to address the risks and opportunities of IT. Learn More>>
Getting Started
Learn more about how to get started providing SysTrust® Services to clients. Learn More>>
FAQs About WebTrust
Review these Frequently Asked Questions and Answers to learn more about WebTrust (SM) Services. Learn More>>
FAQs About SysTrust
Review these Frequently Asked Questions and Answers to learn more about SysTrust® Services. Learn More>>
What Is a System?
In order to understand the principles of a reliable system, you need to understand the commonly accepted definition of a system. Learn More>>
What Are SysTrust Services and Why Should I Get Involved?
An overview of the SysTrust® Service, which can be offered to clients who want assurance on the reliability of their systems. Learn More>>
Marketing WebTrust Services
Helpful tips for CPAs who wish to market WebTrust (SM) Services to their clients. Learn More>>
SysTrust® Definition of a Reliable System
SysTrust® principles represents the concept of a reliable system. The criteria underlying those principles represent the controls that should be in place, and operating effectively, in order to conclude that a system is reliable. Learn More>>
SAS No. 70, SysTrust & WebTrust: A Comparison
SAS No. 70, SysTrust, and WebTrust are focused on information systems provided by CPAs. They can all be used to meet requirements set by corporations, other CPAs, and government. Yet, despite their similarities, these engagements are not necessarily interchangeable. Learn More>>
WebTrust for Certification Authorities
This document provides a framework for licensed WebTrust® practitioners to assess the adequacy and effectiveness of the controls employed by certification authorities (CAs). The importance of this function will continue to increase as the need for third-party authentication to provide assurance with respect to electronic commerce (e-commerce) business activities increases. Learn More>>
Effects of a Third-Party Service Provider in a WebTrust SM/TM or Similar Engagement
This document provides additional guidance to practitioners in situations where specific services and/or activities of relevance in a WebTrust engagement for a WebTrust client are outsourced or otherwise performed by a TPSP. Learn More>>
The Need for Reliable Systems
IT Section Member
Business systems typically are organized to transform data inputs into information outputs using infrastructure, software, people, procedures, and data. These components are used together within a business context to produce information for decision making or toperform other pre-programmed actions such as turning devices and related functions on or off, regulating their activity, and reporting on their status. Learn More>>
Frequently Asked Questions on the Use of Generally Accepted Privacy Principles in WebTrust Engagements
These Frequently Asked Questions (FAQs) provide suggestions and clarifications on the application of GAPP in attestation engagements, with emphasis on those engagements in which the superseded Trust Services’ online privacy principle and criteria were used previously. This includes WebTrust Online Privacy and other Trust Services engagements. In addition, these FAQs address questions posed on GAPP and SAS No. 70. Learn More>>