SAS 70 Online has the specialization required for the unique SAS 70 requirements. We employ senior level auditors who perform all facets of your SAS 70 engagement. As our client, you have one licensed firm providing the solution, not a team of third party consultants. Our employees hold the following professional certifications:
A CPA is the statutory title of qualified accountants in the United States who have passed the Uniform Certified Public Accountant Examination and have met additional state education and experience requirements for certification as a CPA. The primary function of a CPA relates to assurance services, called public accounting. In assurance services, CPAs attest to the reasonableness of disclosures, the freedom of material misstatement and the adherence to applicable standards and principles.
CISSP Certification was designed by the Information Security Consortium to recognize mastery of an international standard for information security.
The CISSP Common Body of Knowledge (CBK) includes:
- Access Control Systems & Methodology
- Applications & Systems Development
- Business Continuity Planning
- Law, Investigation & Ethics
- Operations Security
- Physical Security
- Security Architecture & Models
- Security Management Practices
- Telecommunications, Network & Internet Security
Established in 1978 by the Information Systems Audit and Control Association
A benchmark performance measure to evaluate an individual’s competency in conducting IS audits using the CISA Common Body of Knowledge (CBK):
- Coverage of Information System Security Issues
- Enterprise-wide security organizational and policy issues
- Logical Access Issues and Exposures
- Authentication Techniques
- Programs, Files & System Resources to Protect
- Monitoring Activities
- Encompasses both Host & Network Based Systems
- Internet Issues and protection mechanisms addressed
- Physical Access Issues and Exposures
Introduced in 2007, the CGEIT designation is designed for professionals who manage, provide advisory and/or assurance services, and/or who otherwise support the governance of an enterprise’s IT and wish to be recognized for their IT governance-related experience and knowledge. CGEIT is based on ISACA’s and the IT Governance Institute’s (ITGI’s) intellectual property and the input of subject matter experts around the world.
CGEIT focuses on:
- IT Governance Frameworks
- Strategic Alignment
- Value Delivery
- Risk Management
- Resource Management
- Performance Measurement
The Certified Internal Auditor® (CIA®) designation is the only globally accepted certification for internal auditors and remains the standard by which individuals demonstrate their competency and professionalism in the internal auditing field.
A Certified Internal Auditor has demonstrated an understanding of:
- The Internal Audit Activity’s Role in Governance, Risk and Control
- Conducting the Internal Audit Engagement
- Business Analysis and Information Technology
- Business Management Skills
Introduced in 2010, The Certified in Risk and Information Systems Control certification (CRISC), pronounced “see-risk,” is intended to recognize a wide range of IT and business professionals for their knowledge of enterprise risk and their ability to design, implement and maintain information system (IS) controls to mitigate such risks.
CRISC focuses on:
- Risk identification, assessment and evaluation
- Risk response
- Risk monitoring
- IS control design and implementation
- IS control and monitoring and maintenance
IAC was founded in 1999 to validate the skills of computer security professionals. The purpose of GIAC is to provide assurance that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information and software security. GIAC certifications are trusted by thousands of companies and government agencies, including the United States National Security Agency (NSA).
GIAC certifications address a range of skill sets including:
- intrusion detection
- incident handling
- firewalls and perimeter protection
- hacker techniques
- Windows and Unix operating system security
- secure software and application coding
CompTIA Network+ validates the knowledge and skills of networking professionals. It is an international, vendor-neutral certification that recognizes a technician’s ability to describe the features and functions of networking components and to install, configure and troubleshoot basic networking hardware, protocols and services.
CompTIA Security+ validates knowledge of communication security, infrastructure security, cryptography, operational security, and general security concepts. It is an international, vendor-neutral certification that is taught at colleges, universities and commercial training centers around the world.
The MCSE credential is the premier certification for professionals who analyze the business requirements and design and implement the infrastructure for business solutions based on the Microsoft Windows platform and Microsoft Windows Server System. Implementation responsibilities include installing, configuring, and troubleshooting network systems. The Windows 2003 track of the MCSE credential is designed for information technology (IT) professionals working in the typically complex computing environment of medium to large organizations.
An MCSE candidate has at least one year of experience implementing and administering a network operating system in environments with the following characteristics:
- 200 to 26,000 supported users
- Five to 150 physical locations
- Typical network services and applications including file and print, database, messaging, proxy server or firewall, dial-in server, desktop management and Web hosting
- Connectivity needs including connecting individual offices and users at remote locations to the corporate network and connecting corporate networks to the Internet
In addition, an MCSE candidate should have at least one year of experience in the following areas:
- Implementing and administering a desktop operating system
- Designing a network infrastructure
The CCSP certification validates advanced knowledge and skills required to secure Cisco networks. With a CCSP, a network professional demonstrates the skills required to secure and manage network infrastructures to protect productivity and reduce costs. The CCSP curriculum emphasizes secure VPN management, Cisco Adaptive Security Device Manager (ASDM), PIX firewall, Adaptive Security Appliance (ASA), Intrusion Prevention Systems (IPS), Cisco Security Agent (CSA), and techniques to combine these technologies in a single, integrated network security solution.
CCNP certification validates a network professional’s ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 or more nodes. Network Professionals who achieve the CCNP have demonstrated the knowledge and skills required to manage the routers and switches that form the network core, as well as edge applications that integrate voice, wireless, and security into the network.