Regulatory Compliance, Governance and Security

May 8 2009   11:47AM GMT

SAS 70 Audit and Compliance Tips for Data Centers



Posted by: Charles Denyer
Tags:
charles denyer
co-location
Compliance
cpa firm
data center
data center physical security
sas 70 audit

Learn more about SAS 70 audits for data centers by reviewing the step by step SAS 70 audit process. From beginning to end, a number of steps, activities, and deliverables must be undertaken for ensuring the audit is successful. From the initial SAS70 readiness questionnaire assessments to the delivery of the final audit report, both the CPA firm conducting the audit and the data center employees will be working together in a collaborative manner for the audit.

Follow this step by step process if you are a data center or co-location facility that will be performing a SAS 70 audit in the near future:

First and foremost, identify the scope of the SAS 70 audit. Though it sounds quite straightforward, every CPA firm approaches scope in a slightly different manner. When identifying scope, there are a number of items to keep in mind, such as the following: Does the scope of the audit satisfy your client’s demands? Does the scope of the audit conform to industry accepted standards for SAS 70 audits on data centers?

Once the scope has been identified, it’s critical to begin the planning process with the auditors. A series of planning meetings should include a discussion on the following items:

1. SAS 70 readiness questionnaire assessment and when it will be done (if deemed necessary).

2. Discussion of type of sampling that is conducted for the audit (this is important as auditors have varying views on the numbers and amounts done on audit sampling).

3. Discussion that identifies key personnel involved in the audit from both sides.

4. Discussion on what data center physical security controls will be included in the scope of the audit.

These are just some general parameters to get you going in the right direction.

If you want to learn more about SAS 70 audits, then visit the official SAS 70 resource guide, where you can obtain SAS 70 sample reports for review.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: