Auditing Basics: What is an Assertion?

Author: kirkpatrickprice00

Description: Learn more at

At the beginning stages of the audit process, an organization will be asked to provide an assertion to their auditor. This assertion lays the foundation for the audit because it is a written claim by an organization describing their systems and what it is their services are expected to accomplish for the organizations they do business with. It tells auditors how an organization’s system is designed and how it’s supposed to operate.
Throughout the audit process, an auditor will review an organization’s internal controls, culminating in a final audit report wherein the auditor’s opinion is based on whether or not the assertion is fairly presented. This means that when an organization provides their assertion to their auditor, it needs to be as accurate as possible. For example, if your organization provides an assertion that states your employees are regularly trained and tested on cybersecurity best practices, an auditor will validate that this is accurate.
Stay Connected

More Free Resources
White Papers:

About Us
KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to clients in more than 48 states, Canada, Asia, and Europe. The firm has over 13 years of experience in information security and compliance assurance by performing assessments, audits, and tests that strengthen information security and internal controls. KirkpatrickPrice most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and CFPB frameworks.

For more about KirkpatrickPrice:
Contact us today: 800-770-2701