Regulatory Compliance, Governance and Security

Aug 26 2008   8:05PM GMT

SAS 70 Audits & Software as a Service (SaaS) | Helpful Audit Tips



Posted by: Charles Denyer
Tags:
Compliance
regulatory compliance
SaaS
SAS 70
sas70
sas70 sample reports
Software as a Service

The Software as a Service (SaaS) industry and SAS 70 audits actually have quite a bit in common. First and foremost, both the SAS 70 auditing standard and the SaaS industry have seen explosive growth in the past five years, thanks in large part to regulatory compliance and the advent of technology. Second, from a compliance standpoint, SaaS providers are increasingly being required to be SAS 70 Type II compliant.

The sheer nature of the SaaS industry has forced the SAS 70 auditing standard’s requirement onto many SaaS providers. What’s more, what may have been perceived as a market edge, a compliance luxury, the SAS 70 audit is now a must have for SaaS providers, or lose potential clients and future prospects.

If you are an organization falling under the SaaS industry label, there are a few helpful things you can do to get ready for a SAS 70 audit:

1. Find a firm that truly understands the SaaS industry-it can be complicated due to the nature of the industry itself.
2. Fina a firm that will give you a fixed fee for the audits. That’s right, no need to pay additional out of pocket expenses to the auditor. Most reputable firms are now moving towards the fixed fee mentality, so your checkbook should too.
3. Make sure you define the scope early with the CPA firm doing the audit. The SaaS industry has many providers and outsourcing entities that could potentially be in scope for the audit of your company. From data centers to external, third party managed providers of security, you and the CPA firm need to nail down who and what is included in the scope. This will have a sizable impact on the time, fees, and man hours needed to complete the audit.

To learn more about SAS 70 audit, visit the official SAS 70 Resource guide where you can receive sample SAS 70 reports for view.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: