What is SAS 70 Online?
SAS 70 Online is a service by which you can engage our professional accounting firm to perform your organization's SAS 70. In a few short steps, you can begin your SAS 70 today. We offer an online process for you to:
- Engage our firm
- Learn what is necessary to complete your SAS 70
- Receive advice and guidance from certified professionals as you prepare for your SAS 70
- Submit your documentation for review, and
- Ultimately, schedule the onsite audit at your location
SAS 70 Online then becomes your support mechanism to:
- Maintain your documentation as an audit trail
- Receive continuous guidance and recommendations from certified professionals, and
- Efficiently organize your annual SAS 70 requirements
SAS No. 70
- What is a SAS 70?
The American Institute of Certified Public Accountants (AICPA) issued a Statement on Auditing Standard No. 70 (SAS 70). SAS 70 is the definitive standard by which user organizations (companies that use outsourced service providers) and their auditors can gain comfort that controls at the third-party service providers are adequate to prevent or detect a related material error that could impact the user organization's financial statements.
- Do I need a SAS 70?
Do your clients outsource aspects of their information system to your organization? If so, their auditors may need to gain an understanding of controls at your organization that may affect the user organization's financial statements. SAS 70 explains the means for a service organization to obtain a single audit report for use by its clients' auditors to plan and conduct audits of financial statements. One of the objectives of SAS 70 is to preclude the need for each user auditor to conduct its own audit of the service organization's controls. A SAS 70 Type I report covers the suitability of the controls' design. Alternatively, a SAS 70 Type II report covers the suitability of the controls' design but also assesses whether the controls are operating effectively.
- What are Internal Controls?
ICPA Professional Standards AU section 314 indicates that internal control is "a process-effected by those charged with governance, management, and other personnel-designed to provide reasonable assurance regarding the achievement of objectives with regard to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws and regulations." SAS 70 Online provides a selection of Control Objectives for you to use to establish your own. Many of these Control Objectives originate from the AICPA, IT Governance Institute and the International Standards Organization.
- SysTrustSM
SysTrust is an assurance service in which SAS 70 Online tests and reports on the effectiveness of controls over system reliability. The engagement addresses controls over system availability, security, integrity and maintainability, which are based on pre-established control objectives. The SysTrust report addresses financial and non-financial systems for the benefit of management, customers and business partners.
- WebTrustSM
WebTrust is an attestation service in which SAS 70 Online reports on management's assertion about a Web site. The WebTrust program is modular by design so a practitioner may report on various aspects of a Web site based on criteria established for online privacy, confidentiality, availability, business practices/transaction integrity, security, non-repudiation and certification authorities.
- Service Comparison
- Brochure
