Last Updated on December 21, 2021 by Admin
When planning an audit, it is acceptable for an IS auditor to rely on a third-party provider’s external audit report on service level management when the:
- report was released within the last 12 months.
- scope and methodology meet audit requirements.
- service provider is independently certified and accredited.
- report confirms that service levels were not violated.