Auditing of billing system 2085
-
Hellow,
My company makes billing system software. We are new to the US market, and have been asked by some customers if our system complies comply with GAAP multicurrency requirements (I believe it’s mainly the FAS52 document). Does this fall under SOX nowadays?
How would I go about ensuring that our system complies with these requirements and then getting it audited/certified so that we can present something to the client showing that our system is in fact compliant? Are there firms that specialize in performing such audits and issuing certifications?
Thanks for some pointers on this subject.
-
Firstly, FAS52 is not in any way wrapped into SOX - nor is any other acounting standard.
Secondly, I am not aware of any particular certification that would be useful for your company (as a developer of software) or your customers assuming that this is a convential software delivery. If you are delivering a web-based application service then something like a SAS70 would be useful - but this certifies the service and not the applicaiton.
It is ultimately your customer’s responsibility to determine:
a) does the system meet their requirements (including their reporting requirements) and
b) can they put in place the controls around the process that utilises the system to be SOX compliant.
As a vendor you can make your (and your customer’s) life easier by having documentation that clearly articulates how it handles specific regulatory requirements - as you would for anyother key feature.