WebTrust and SysTrust are assurance services provided by CPAs to evaluate a company's website or information systems based on Trust Services principles and criteria. For WebTrust, the CPA ensures the website complies with principles of security, availability, processing integrity, online privacy, and confidentiality. For SysTrust, the CPA evaluates controls over a system using the same principles to determine if they are operating effectively. In both services, the CPA issues an unqualified attestation report if the system meets the Trust Services requirements.
WebTrust and SysTrust are assurance services provided by CPAs to evaluate a company's website or information systems based on Trust Services principles and criteria. For WebTrust, the CPA ensures the website complies with principles of security, availability, processing integrity, online privacy, and confidentiality. For SysTrust, the CPA evaluates controls over a system using the same principles to determine if they are operating effectively. In both services, the CPA issues an unqualified attestation report if the system meets the Trust Services requirements.
WebTrust and SysTrust are assurance services provided by CPAs to evaluate a company's website or information systems based on Trust Services principles and criteria. For WebTrust, the CPA ensures the website complies with principles of security, availability, processing integrity, online privacy, and confidentiality. For SysTrust, the CPA evaluates controls over a system using the same principles to determine if they are operating effectively. In both services, the CPA issues an unqualified attestation report if the system meets the Trust Services requirements.
Understand the nature of WebTrust and SysTrust assurance services.
WebTrust Services • Clients are engaged a CPA to provide reasonable assurance that a company’s website compliance with certain Trust Services principles and criteria for one or more aspects of e-commerce activity. • It is also a specific services developed under the broader Trust Services principle and criteria jointly issued by the AICPA and CICA. • When performing WebTrust assurance services, CPA will make sure that the company’s website complies with the Trust Services principle • Trust Services principle represent broad statements of objectives and the company must meet the criteria stated to obtain and maintain its WebTrust seal. Five Trust Services Principle • Security To ensure that the system is protected against unauthorized access • Availability To ensure that the system is available for operation and use as committed or agreed • Processing Integrity To ensure that the system processing is complete, accurate, timely, and authorized • Online Privacy To ensure that personal information obtained as result of e-commerce is collected, used, disclosed, and retained as committed or agreed • Confidentially To ensure that information designated as confidential is protected as committed or agreed SysTrust Services • Provides assurances to management, the board of director, or third parties about the reliability of information systems used to generate real-time information. • In a SysTrust engagement, the SysTrust licensed CPA evaluates a company’s computer system using Trust Services principle and criteria to determine whether controls over the system exist. • CPA will test to determine whether those controls were operating effectively during a specified period. • If system meets the requirement of Trust Services principle and criteria, an examination – level unqualified attestation report is issued under AICPA attestation standards.