Prior to the pandemic that affects the world since earlier last year, many sectors were already redesigning their operating models to enhance efficiency and effectiveness in the digital era. These efforts are now even more relevant than ever as companies require leaner, more adaptive digital enterprises that can change and respond quickly. We see that transitioning certain functions to cost effective shared service centre or outside the enterprise entirely via managed service or outsourcing relationships with third parties are high on the list of many enterprises planned actions in the Post Pandemic Era.
Many organisations are able to function more efficiently and effectively by outsourcing tasks or entire functions to another service organisation. These outsourcing relationships may increase revenues, expand market opportunities, and reduce costs for the user entities and business partners, they also result in additional risks arising from interactions with a service organisation and its systems. In supporting their risk assessments on service organisations, user entities and business partners may request independent reports on an examination or review of controls from the service organisation. This is where assurance standards for reporting on service organisation controls such as SOC Reporting and ISAE 3402 were developed.