- about assurance concepts
- assurance concepts clients portfolio
- sas70 audit and compliance audit services
- compliance audits
- compliance audit knowledge base and blog
SAS 70 Audit
SAS 70 was effectively replaced by SSAE 16 (SOC 1) on June 15, 2011. Organizations can now obtain a SOC 1 report instead of the previous SAS 70. SOC 1 is a services auditors report that is performed under Statement on Standards for Attestation Engagements (SSAE 16). Please visit our SSAE 16 page for more information.
SAS 70 – is an internationally recognized third party assurance audit designed for service organizations. It has become the most widely accepted compliance initiative that provides service organizations a benchmark to compare their internal controls and processes against industry best practices. Statement on Auditing Standards No. 70 (SAS 70) was originally created in 1992 and over the past five to ten years become globally recognized as one of the highest forms of third party assurance.
Why do Service Organizations Obtain a SAS 70 Audit?
There are many reasons why a service organization may decide to obtain a SAS 70 audit, however due to the increased regulatory oversight of the Sarbanes-Oxley act; many customers are now requiring their Service Organization to obtain a SAS 70 audit.
Why Organizations Become SAS 70 Compliant.
Outside of customer requests, our clients choose to obtain a SAS 70 audit report to provide their customers with confidence and to differentiate them from the competition. Additionally many service organizations are audited by several companies during the course of the year. A SAS 70 audit can eliminate additional customer audits and self assessment questionnaires.
SAS 70 Audit Services:
- SAS 70 Readiness Assessment - is an audit designed for organizations preparing for their first SAS 70 audit. Organizations who have not formally evaluated their internal controls often start with a SAS 70 Readiness Assessment.
- SAS 70 Type I - provides limited assurance and used to report on the design of controls as of a point in time. Organizations who have policies and procedures in place but want to gain a better understanding of the SAS 70 audit requirements often start with a SAS 70 Type I audit prior to undergoing the SAS 70 Type II audit.
- SAS 70 Type II - provides the highest level of assurance for SAS 70 audits and reports on the service organizations controls and operating effectiveness over a period of time.
Visit our FAQs to find out more about a SAS 70 Type I and SAS 70 Type II audit reports.
Why Skoda Minotti Risk Advisory Services?
- World class processes
- High quality deliverables
- Insightful consulting advice
- Meeting project deadlines and expectations
- Reasonably priced
Other benefits of a SAS 70 audit report:
- Instant credibility
- Third party perception
- Confirmation that controls, procedures, and process are in place as management intends
- Independent assessment of controls
- Potential to grow market share
- Reduction of third party self assessment questionnaires
- One audit report can satisfy multiple customers
Skoda Minotti Risk Advisory Services
Our concept is to bridge the gap for our clients from wanting to comply to becoming compliant. We understand the regulatory pressures and the demands of your customers requesting a SAS 70 audit report. Each of our audits are customized and designed to assist your company in a seamless process from the time we initiate the audit to finalizing your SAS 70 audit report. All of our auditors have a depth of experience in a variety of industries and we have a good understanding of your business and how this relates to a SAS 70. Each SAS 70 audit report is unique and we provide the necessary related industry knowledge and SAS 70 expertise to deliver quality audit reports that your customers will accept.
As a large majority of audits are technical in nature, Skoda Minotti Risk Advisory Services will engage auditors with certifications such as CISSP, CISA, CISM, QSA, CIA in addition to CPAs onsite to complete your company’s audit. Call us today and find out how we can make your SOC 2 audit a successful one.