SAS 70 Type II Cerification
The Stafford Associates data center has been awarded SAS 70 Type II Certification.
What is SAS 70?
Statement on Auditing Standards (SAS) No. 70, Service Organizations (SAS 70)
Statement on Auditing Standards (SAS) No. 70, Service Organizations, is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA).
A service auditor's examination performed in accordance with SAS No. 70 ("SAS 70 Audit") represents that a service organization has been through an in-depth audit of their control objectives and control activities, which often include controls over information technology and related processes.
There are two types of SAS 70 reports.
A Type I SAS 70 report includes the service auditor's opinion on the fairness of the presentation of the service organization's description of controls that had been placed into operation and the functionality of the controls to achieve the specified control objectives.
A Type II SAS 70 report includes the information contained in a Type I service auditor's report and also includes the service auditor's opinion on whether the specific controls were operating effectively during the period under review
SAS 70 has grown increasingly popular with the implementation of the Sarbox Act. The Sarbanes-Oxley Act (usually referred to as Sarbox or Sox) adds importance in implementing SAS 70 as an important resource to show the effectiveness of a service organization's internal controls and data security safeguards.
Click here for further information on SAS 70 Certification and how it is important to your business
|
