Page 143 - NovDefComp
P. 143
KPMG LLP
345 Park Avenue
New York, NY 10154-0102
Independent Service Auditor’s Report
To the Management of Massachusetts Mutual Life Insurance Company
Scope
We have examined Massachusetts Mutual Life Insurance Company’s (MassMutual or the Company)
description of its system entitled “Description of the Defined Benefit and Defined Contribution Recordkeeping
Operations General Information Technology Controls System” to provide support for the MassMutual business
units for processing their user entities’ transactions throughout the period October 1, 2019 to September 30,
2020 (the description) and the suitability of the design and operating effectiveness of the controls included in
the description to achieve the related control objectives stated in the description, based on the criteria identified
in the “MassMutual’s Assertion” (the assertion). The controls and control objectives included in the description
are those that management of MassMutual believes are likely to be relevant to user entities’ internal control
over financial reporting, and the description does not include those aspects of the Defined Benefit and Defined
Contribution Recordkeeping Operations General Information Technology Controls System that are not likely to
be relevant to user entities’ internal control over financial reporting.
The information included in Section V, “Other Information Provided by MassMutual”, is presented by
management of MassMutual to provide additional information and is not a part of MassMutual’s description of
its Defined Benefit and Defined Contribution Recordkeeping Operations General Information Technology
Controls System made available to user entities during the period October 1, 2019 to September 30, 2020.
Information about MassMutual’s business continuity planning and the impact of COVID-19 has not been
subjected to the procedures applied in the examination of the description of the Defined Benefit and Defined
Contribution Recordkeeping Operations General Information Technology Controls System and of the suitability
of the design and operating effectiveness of controls to achieve the related control objectives stated in the
description of the Defined Benefit and Defined Contribution Recordkeeping Operations General Information
Technology Controls System and, accordingly, we express no opinion upon it.
MassMutual uses the subservice organizations identified in Section III to perform some of the services provided
to user entities that are likely to be relevant to those user entities’ internal control over financial reporting. The
description includes only the control objectives and related controls of MassMutual and excludes the control
objectives and related controls of the subservice organization. The description also indicates that certain control
objectives specified by MassMutual can be achieved only if complementary subservice organization controls
assumed in the design of MassMutual’s controls are suitably designed and operating effectively, along with the
related controls at MassMutual. Our examination did not extend to controls of the subservice organization and
we have not evaluated the suitability of the design or operating effectiveness of such complementary
subservice organization controls.
The description indicates that certain control objectives specified in the description can be achieved only if
complementary user entity controls assumed in the design of MassMutual’s controls are suitably designed and
operating effectively, along with related controls at MassMutual. Our examination did not extend to such
complementary user entity controls, and we have not evaluated the suitability of the design or operating
effectiveness of such complementary user entity controls.
KPMG LLP, a Delaware limited liability partnership and a member firm of
the KPMG global organization of independent member firms affiliated with
KPMG International Limited, a private English company limited by guarantee.
