Regulatory Compliance, Governance and Security

Aug 26 2008   11:23AM GMT

SAS 70 Audits | Tips on Preparing Your Organization

Charles Denyer Charles Denyer Profile: Charles Denyer

SAS 70 audits are being performed on many service organizations in today’s growing regulatory compliance economy. From federal legislation, such as Sarbanes-Oxley to HIPAA, the SAS 70 auditing standard has been pushed to the forefront of the business arena. It’s becoming such a big requirement now that many request for proposals (RFP) are demanding that a service organization be SAS 70 compliant for even bidding on work or submitting a proposal.

So let’s erase some myths and misconceptions about the SAS 70 auditing standard. First and foremost, the audit can be done in an efficient, cost effective manner, provided you find a firm that has a good working knowledge of the SAS 70 auditing standard AND your industry. Put both of those variables together, and you should get a good fee from a quality auditor who truly knows what they are doing.

Secondly, you don’t have to do a SAS 70 Type I first if you need a SAS 70 Type II. Why waste thousands of dollars on a Type I when it’s not really what you needed? Some CPA firms will try and sell you the full package, often including a Type I by stating its needed to begin the audit process. What you need to start with instead is a SAS 70 Readiness Assessment, which will get your organization up to speed and ready for the actual SAS 70 Type II audit.

Lastly, SAS 70 audits can be a reasonable financial proposition, if you use a firm with experience that has a working, scalable model, resulting in efficiency and cost-effectiveness.

If you want to learn more about SAS 70 audits, visit the official SAS 70 resource center where you can receive SAS 70 sample reports for review.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: