What are SOX and SAS 70?
In its short life, SOX has become almost a household name. It is a U.S. federal law that was passed in July 2002 in response to high-profile business accounting scandals, such as Enron and WorldCom, in order to reinforce investment confidence and protect investors by improving the accuracy and reliability of corporate disclosure. Amongst other things, SOX establishes standards with which public companies and public accounting firms must comply, and addresses key issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure. Less well-known than SOX, SAS 70 is shorthand for the Statement on Auditing Standards No. 70: Service Organisations, which is an auditing standard issued by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). SAS 70 defines the professional standards that govern the way in which an external auditor should assess and report on the internal controls of an external s
