Page 14 - NovDefComp
P. 14
Service Auditor’s Responsibilities
Our responsibility is to express an opinion on the fairness of the presentation of the description and on the
suitability of the design and operating effectiveness of the controls to achieve the related control objectives
stated in the description, based on our examination.
Our examination was conducted in accordance with attestation standards established by the American Institute
of CPAs. Those standards require that we plan and perform the examination to obtain reasonable assurance
about whether, in all material respects, based on the criteria in management’s assertion, the description is fairly
presented and the controls were suitably designed and operating effectively to achieve the related control
objectives stated in the description throughout the period October 1, 2019 to September 30, 2020. We believe
that the evidence we obtained is sufficient and appropriate to provide a reasonable basis for our opinion.
An examination of a description of a service organization's system and the suitability of the design and
operating effectiveness of controls involves:
performing procedures to obtain evidence about the fairness of the presentation of the description and the
suitability of the design and operating effectiveness of the controls to achieve the related control objectives
stated in the description, based on the criteria in management’s assertion,
assessing the risks that the description is not fairly presented and that the controls were not suitably
designed or operating effectively to achieve the related control objectives stated in the description,
testing the operating effectiveness of those controls that management considers necessary to provide
reasonable assurance that the related control objectives stated in the description were achieved,
evaluating the overall presentation of the description, suitability of the control objectives stated in the
description, and suitability of the criteria specified by the service organization in its assertion.
Inherent limitations
The description is prepared to meet the common needs of a broad range of user entities and their auditors who
audit and report on user entities’ financial statements and may not, therefore, include every aspect of the
system that each individual user entity may consider important in its own particular environment. Because of
their nature, controls at a service organization may not prevent, or detect and correct, all misstatements in
processing or reporting transactions. Also, the projection to the future of any evaluation of the fairness of the
presentation of the description, or conclusions about the suitability of the design or operating effectiveness of
the controls to achieve the related control objectives stated in the description is subject to the risk that controls
at a service organization may become ineffective.
Description of Tests of Controls
The specific controls tested and the nature, timing, and results of those tests are listed in Section IV.
Opinion
In our opinion, in all material respects, based on the criteria described in MassMutual’s assertion:
a. the description fairly presents the Defined Benefit and Defined Contribution Investment Service
Operations System that was designed and implemented throughout the period October 1, 2019 to
September 30, 2020;
b. the controls related to the control objectives stated in the description were suitably designed to provide
reasonable assurance that the control objectives would be achieved if the controls operated effectively
throughout the period October 1, 2019 to September 30, 2020, and subservice organizations applied
3
