Why SAS 70?
SAS No. 70 is authoritative guidance on evaluating internal control at service organizations under Generally Accepted Auditing Standards (GAAS). Many service organizations choose to participate in a SAS 70 audit because they feel it is the optimal way to independently demonstrate the care and control with which they deliver services. A well prepared SAS 70 report serves as proof sufficient controls and safeguards are in place where customer data is transmitted, processed or stored. It also provides a service organization with independent assurance that they can provide to customers so they can avoid dealing with multiple audit requests from multiple clients covering the same set of services. SAS 70 was designed to help the auditors of user organizations obtain an understanding of internal control as required by SAS No. 55 when completing a financial statement audit and key internal controls are provided by the service organization. SAS 70 has grown dramatically with the requirements of
