|
SAS 70 Audit
Service organizations of all sizes can demonstrate their commitment to internal controls by proactively obtaining a Service Auditor's Report.
In the past, SAS 70 audits were only performed for the largest service providers. But today, a Service Auditor’s Report is crucial for service organizations of all sizes wanting to remain competitive in an increasingly crowded marketplace.
How we can help
Firmly grounded in the AICPA Statement on Auditing Standards (SAS) No. 70, our Service Auditor’s Report is one of the best ways for a service organization to differentiate itself from its competitors and clearly express a commitment to internal controls. We offer two types of SAS 70 reports:
- Type I – Reports on controls placed in operation
- Type II – Reports on controls placed in operation and tests of operating effectiveness
Throughout the SAS 70 engagements we keep our clients informed of our progress. At the conclusion of the project we present The Service Auditor’s Report, which contains a description of tests performed and our findings in the following areas:
- Operations and equipment
- Control environment
- Computer general controls
- Control over computer operations
- Control over access to programs and data
- Control over new development and changes to existing programs and systems
- Information systems
- User responsibilities
One of the key benefits of our report is it provides a single source of information in a standardized format that can be relied on when evaluating a service organization's controls. A SAS 70 report can also be used as a marketing tool, demonstrating to potential customers that your management has been proactive in obtaining the opinion of a reputable third party as to the soundness of your organization's controls.
|
