What are CITPs, anyway?

What a CITP knows.  It's actually lots of stuff.
CITP Body of Knowledge

A CITP is a certified auditor of information technology systems.

  • A CITP is required to certify compliance of an IT system.
  • CITP are certified by AICPA.
  • Michael Warren is a CITP.
  • IAS certifies compliance of IT systems.

A CITP is a Certified Information Technology Professional.  A CPA.CITP is a CPA who is uniquely qualified to evaluate the validity of a company’s data and financial statements as well as the Service Organization Controls (SOC) intended to protect their information technology systems. The CITP designation is awarded by the AICPA to CPAs with extensive experience in information technology. With a broad understanding of  how information technology is integrated with accounting, CPA.CITPs are able to offer insights to businesses that a CPA or information technology professional with only one designation cannot offer.

To be certified by AICPA  as a CPA.CITP, a CPA must demonstrate an understanding of information technology principles and practices encompassing a wide body of knowledge across both disciplines. As a CPA.CITP, Michael Warren, the Principal of Integrated Accounting Services (IAS) has years of experience personally performing accounting audits.  He is recognized for his understanding of information technology and its relationship with business accounting. This unique body of knowledge and experience establishes Mr. Warren as one of only a few CPAs qualified to perform audits of the degree of suitability of controls of service organizations and their users, for transmitting, storing, and protecting private and nonpublic data.

To provide a professional solution for these new standards the team at Integrated Accounting Services (IAS) performs audits for service organizations and their clients during the same testing period where possible.  IAS’s integrated approach to auditing both the service organization and its clients provides increased security, integrity and privacy for all systems. Timely coordinated reports and periodic follow-ups are part of the integrated approach to qualifying service organizations and their user entities and reporting the higher level of assurance to responsible parties.

This article is provided by Integrated Accounting Services for those seeking clarification of IT system and control requirements. Please contact us if you need an assessment of your system and to determine whether you need a SOC 1 or a SOC  2 audit to assure clients of your compliance with new standards.

Leave a Reply

Your email address will not be published. Required fields are marked *

Go back to top