UK Assurance Framework

AAF 01/20 – UK Assurance Reporting Standard

AAF 01/20 is a UK-specific assurance framework issued by the ICAEW's Audit and Assurance Faculty. It provides service organisations with an assurance report on internal controls, widely recognised in industries such as pension administration, fund management, and payroll services.

AICPA
CISA
ACCA

Why Choose Accorp Partners?

With specialists experienced across global and UK-specific assurance standards, Accorp Partners provides precise, high-quality reporting

Expertise

Our team comprises highly skilled professionals with extensive experience in international standards and assurance services – AICPA, ISAE, ICAEW (AAF), etc.

Customized Solutions

We tailor our approach to meet the unique needs of your organization and industry.

Transparency

We provide clear, actionable reports that go beyond compliance, offering insights to improve processes and controls.

Global Standards

We ensure that our engagements comply with international assurance and auditing standards.

AAF 0120 Assurance Process

At Accorp Partners, our AAF 0120 assessment methodology ensures comprehensive coverage of controls relevant to user entities' financial reporting

Process 1

Scoping & Planning

Identify services provided to user entities and controls relevant to their financial reporting. Define scope of the AAF 0120 engagement including systems, processes, and control objectives. Determine whether Type 1 or Type 2 assurance is required.

Process 2

Control Mapping & Design

Map service organization controls to financial reporting assertions of user entities. Document control objectives, control activities, and complementary user entity controls (CUECs). Assess design effectiveness of controls.

Process 3

Implementation & Readiness (Optional)

Pre-Audit Support: Assess readiness for AAF 0120 assurance engagement. Gap Analysis: Identify control design or implementation deficiencies. Remediation: Strengthen controls before formal testing begins.

Process 4

Testing Period (Type 2 Only)

For Type 2 reports, select a testing period (typically 6-12 months). Perform detailed testing of control operating effectiveness throughout the period. Document test results, exceptions, and control deviations.

Process 5

Evidence Collection & Testing

Gather evidence of control operation through walkthroughs, inspections, observations, and re-performance. Test samples across the reporting period for Type 2. Evaluate control deficiencies and their impact on control objectives.

Process 6

AAF 0120 Reporting

Issue AAF 0120 assurance report under ASAE 3150/ISAE 3402 including: Service organization's description, control objectives, controls, auditor's opinion, test procedures (Type 2), and results. Provide to user entities and their auditors.

Related Assurance Services

Comprehensive assurance and compliance solutions for service organizations

SOC 1 Audit
SOC 1

SOC 1 Audit

US equivalent of AAF 0120 - SSAE 18 reporting on controls at service organizations

Learn More
SOC 2 Audit
SOC 2

SOC 2 Audit

Trust Services Criteria reporting on security, availability, and confidentiality

Learn More
ISAE 3402
ISAE 3402

ISAE 3402

International standard for assurance reports on controls at service organizations

Learn More