What is SAS 70 Certified?
by: AmyNutt |
Total views: 3 |
Word Count: 589 |
View PDF | Print View
Share This Article
SAS 70 stands for Statement on Auditing Standards No. 70. It is an auditing standard that was adopted by the American Institute of Certified Public Accountants and is widely recognized in the auditing of service organizations. An auditor performs an audit on a service organization and that audit is conducted in a way that is compliant with SAS 70. It is that standard statement that says a service organization has been through an extensive audit
This extensive audit measures is that the organization data centre has total control and has safeguards in place that does not compromise any data that they process for their customers. In other words, the job of the audit is to evaluate every aspect of the service organization that handles customer data or could result in a possible leak of customer data.
SAS 70 is necessary for the following reasons:
- It serves as a guide to service organizations when disclosing to their customers how it is they protect their information and how well they do it. The audit results are organized in a report that is easy to follow.
- It is not a checklist audit, but serves as a guide to independent auditors to form an opinion on how well the organization is utilizing their internal controls. There are certain standards that must be met during the audit.
- Provides a set of standards in which the auditor can perform a financial statement audit.
All of the information that is gathered is compiled into two types of reports. These reports are called Type I and Type II.
Type I report
A type I report takes the organizations description of their own controls at a certain point in time and describes those descriptions. The report includes the report by the independent auditor, which is simply the auditor?s opinion, and it includes the organization?s descriptions of their internal controls. There are parts of the report that are optional such as tests that are performed by the auditor and the auditor recording the results of those tests. Another optional area is the inclusion of any other information that the organization provides the auditor about its controls.
Type II
The type II report is similar to the type I report in a lot of ways. The main difference is that it is mandatory for the auditor to perform tests and record the results of those tests. This is optional with type I. All of the other areas of evaluation remain the same and the inclusion of additional data by the organization is still optional.
How the organization benefits
The organization benefits from SAS 70 because it is receiving an unbiased opinion from the outside regarding the security and the effectiveness of its financial and customer-related controls. In turn, the organization can then work on any areas of weakness, which means that the customers can feel more secure about who they are doing business with. This builds a trust with customers when they know that their financial and/or personal information with the organization are secure. It lets them know who they can turn to when they need what the service organization has to offer.
Also, a service organization that has regular audits performed is an organization that has a long business life ahead of it. As stated before, customers will turn to a secure organization to do business. That means the organization is ensuring itself a long life as long as regular audits are performed to ensure the security of their internal controls. Keeping up with their controls can also save them money from having to eventually bring their controls up-to-date.
Share This Article
Rating: Not yet rated Next Article - WiFi Cards - Enables Easy Access to Information and Previous Article - Professional Filmmaker
About the Author
Managed Hosting Provider providing state-of-the-art data centres. We are CICA 5970, SAS 70 Certified and PCI Compliant, which is the highest available standards for measuring and improving data center operations and management.
Comments
No comments posted.Add Comment
Popular Articles about: Technology
1: Tv is dead: long live web tv2: Projectors and electronics items solutions
3: expecting something big from cell phone gps tracking
4: How Does Gps Fleet Tracking System Improve Your Business?
5: Best New Laptops On The Market
6: Business Satellite Internet: Run your online business from anywhere in the world
7: What Is Driver Detective?
8: Dekomount LCD TV and Plasma Wall Brackets
9: Iphone Download Music Legally Can Save Your Wallet
10: The Basics Of Gaming Systems
11: A Better World With Nokia N76 Cellular Phone
12: Lcd Monitors- Five Reasons To Upgrade Now
13: The benefits of outsourcing your drinks vending machine
14: Installing Surround Sound For Better Home Theater
15: How to be an anonymous cult leader
16: Solar Power Water Boiler - Cut Utility Bills With Solar Energy
17: Cable Vs DSL
18: An In Depth Look At The Ccleaner Software
19: The Positive and Negative Side of Prepaid Cellular Phone Plan
20: what the gps tracking system is about
21: Best Refurbished Laptops On The Market
22: Robotic Pool Cleaner - The Concept Behind the Machine
23: Camcorder Tips: Uploading Your Video To The Web In 4 Steps
24: Download Xbox Games Online - How To Download Xbox 360 Games
25: Professional HD Video Camera: What Should You Buy?
26: What You Need To Know About CRM Software Systems
27: A Short History of Solar Energy
28: Is Your Internet As Fast As It Should Be?
29: An Inside Look At GPS Car Tracking
30: On Page SEO and Off Page SEO - Search Engine Optimization Primer