Research into Webtrust and Systrust Service

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

12 February 2014

Webtrust and Systrust Service

The biggest news during Christmas time is that Target admitted that the information of 42 million credit and debit card of their customers has been stolen by a hacker (Target). People who purchased items fromTarget between Nov. 27 and Dec.15 in 2013 hadbeen worried about their credit card safety; customers had to go to bank to cancel their old cards and get a new one. Even though Target said they had fixed the breach, customers still worried about whether shopping at Target was safe. Most of themchose to shop at other stores or pay cash when they shopped at Target. What is important is that not just Target was not the only company involved in this hack; other companies like Niemen Marcus, and other companies which use a similar system as Target were also hacked during the holiday season(Mail online).The sale in these stores decreased and their reputation were damaged. It will takes a long time for these companies to recovery.

With the technology development, there is no way thatcustomers and companies can avoid using information technology in their daily business. People have relied more on Web service than before.It is faster and easier for customers and companies to do business, but hacks in those stores will increase customers’ concern, and companies will lose their business eventually if they keep ignoring their IT systems.

Companies use the technology system to organize human resources, inventory, stock and accounting. Customers and vendors also use the technology service to contact other companies. Companies realize how important the trust service is, but most companies still put less emphasis on it, because they are concerned about the cost of building atrust service system, and the maintenancefee of the system since the systemhas to update regularly to prevent the hacks.However, recently study shows thatninety percent of companies who attended the research found uncovering computer security breaches during the last months, and seventy four percent suffered financial losses due to the breaches.The study also mentions that one-fourth found the breaches made by outsiders; one-fourth had a technology attack in the company; and eighty five percent found the computer viruses (The CPA Journal).Due to more and more hacks and computer attacks, companies now believe that the trust service is a key asset to them.Comparing to the huge financial losses and damaged reputation, companies now are more willing to spend money on the trust service to win their customers and business partner’s trust.

People enjoy the convenience brought by the trust service.However, they do not know what thetrust serviceis and howit works?Trust service includesweb trust and systrust service.According to AICPA,the definition of Trust Services is “as a set of professional assurance and advisory services based on a common framework (that is, a core set of principles and criteria) to address the risks and opportunities of IT”(AICPA). Trust Service principles and criteria are issued by the Assurance Services Executive Committee of the AICPA.Trust service is provided by the third-party service provider who designs the specific service systems for companies.

There are five principles in the trust service: security- the system will not allow access to unauthorized people or software; availability- the system is able for management and other persons to use; processing integrity- the system is complete, accurate and on time.; confidentiality-the system is designed as confidentiality; and privacy-the system will protect the company’ data, personal information and customer information from leaking.They are updated by the AICPA in 2009 (AICPA).Each organization can choose whatever they want to use, whether it is one principle or five principles in their organization; it depends on the judgment of their auditor. The auditor uses different information to make his reports and will elect different principle to apply in the report.

Even WebTrust and SysTrust are included in the trust service. They still differ from each other.Systrust offers assurance related to information systems that help a company or one of its departments to deal with their workfor many different kinds of customers; for example, management, boards of directors, customers, and business partners. Systrust service can be separated into four parts: infrastructure, software, procedures, and data. (The CPA Journal).These four parts help a company to record its data, make decisions, and evaluate its long-term performance.

Webtrust is the only e-commerce seal using individual verification which is licensed by AICPA to prevent online fraud and privacy infringements (SOC 3).It sends a good message to customers that the website the customer is using meets the high standard of webtrust which is admitted by AICPA.People can use it without any concern about hacking or losing their personal information.

Webtrust and systrust have many engagements in common; for instance, security, processing integrity, availability, confidentiality, system reliability, and other engagement combinations.On the contrary, webtrust provides more engagements than systrust, for example,privacy, certification authorities, and consumer protection (SOC 3).

Beside companies and customers care about the trust service. As accounting students, we need to know more about the trust service. A CPA with knowledge of trust service will have more chances to win the contract with his clients.Also, he can find more potential customers than other competitors when he can provide the webtrust and systrust.However, not everyone can be a trust service provider. Before a CPAfirm starts to provide trust service,first a firm should have a goodreputation in the American Institute of Certified Public Accountants, and follow rules admitted by the AICPA. Second, a firm should have CPAs in his company. Third, a firm shouldalso attend the recognized quality control system design, and be part of the system. Finally, a firmshould sign a licensing agreement and pay an annual licensing fee to CPA Canadain order to continue providing trust service (AICPA). Since information technology has become an undivided part of life, there is no reason to avoid it. No matter which job people take, all of them need to learn something about IT. I believe that accountant who is good at webtrust and systrust service will have a better future. GAAP is accepted by many countries which some of them are eager to build their own webtrust and systrust service. It gives CPA firm more opportunities to work for them. Also it provide more job positions to accountants. Accountants should catch this opportunity to enrich themselves and become the leader of this field.

As an accounting student, I think trust service is very important to my future career. If I keep using the old way to do accounting, like recording data by hands, I will lose competition withother students.In order to be a profession accountant, I need to pay more attention to webtrust and systrust service.Regardless of which direction of accounting I choose, taxpayer or auditors,I need to be familiar with these two services, and then I need to use them properly.

Webtrust and systrust are very important services for companies. They provide complex systems to process a company’s data, personal information, and customers’ information and keep them safe. Companies with a high standard of trust service are more likely to win the competition in globalization. Also, customers will be more willing to shop at the stores which provide safety systems to prevent breaches.For accountants, they should learnand use the trust service well and follow the rules admitted by the AICPA.Accountants can not only help companies to design the specific systems, but they can also use the systems to find out online frauds since many companies have used muchdifferent software to store or calculate the information. To sum up, with the development of IT, webtrust and systrust will play more virtual positions in business.

Work Cites

"At Least THREE Other Stores Had Credit Card Numbers Hacked over Holidays, Reveal

Experts amid Signs Target and Nieman Marcus Are Tip of the Iceberg."Mail Online. Associated Newspapers, 12 Jan. 2014. Web. 12 Feb. 2014.

Pugliese, Anthony J., and Ronald Halse. "The CPA Journal."The CPA Journal. N.p., n.d. Web. 16 Feb. 2014.

"SOC 3, SysTrust and WebTrust Services Principles."Auditwerx Canada RSS. N.p., n.d. Web. 16 Feb. 2014.

"Target Says 40 Million Credit, Debit Card Accounts May Be Affected by Data Breach."Fox

News. FOX News Network, n.d. Web. 12 Feb. 2014.

"Trust Services."AICPA -. N.p., n.d. Web. 16 Feb. 2014.

"Trust Services FAQ."SAS 70 Audit and Compliance. N.p., n.d. Web. 16 Feb. 2014.