Regulatory Compliance, Governance and Security » fieldwork http://itknowledgeexchange.techtarget.com/compliance-governance Thu, 10 Mar 2011 15:04:50 +0000 en-US hourly 1 SAS 70 Certification | Learn about SAS 70 Type 2 Audits http://itknowledgeexchange.techtarget.com/compliance-governance/sas-70-certification-learn-about-sas-70-type-2-audits/ http://itknowledgeexchange.techtarget.com/compliance-governance/sas-70-certification-learn-about-sas-70-type-2-audits/#comments Sat, 14 Mar 2009 22:35:58 +0000 Charles Denyer http://itknowledgeexchange.techtarget.com/compliance-governance/sas-70-certification-learn-about-sas-70-type-2-audits/ SAS 70 certification is becoming a hot topic for many organizations in today’s business world. You name the industry, and i can almost guarantee you that somebody has had to be SAS 70 compliant. Though the term SAS 70 certification is technically incorrect, because you are not really becoming “certified”, rather, you are becoming compliant. Not a big issue, just wanted to clear up a technicality that I hear quite a bit about.

So, back to SAS 70 “certification”. What you need to know is that it is a multi-step process which includes the following phases:

1. SAS 70 Readiness Assessment
2. Remediation for anything uncovered during the Readiness Assessment
3. On to the audit-That is, fieldwork for a SAS 70 Type I or Type II.
4. Findings from the auditor and drafting of the report
5. Issuing the report, which is technically called a “SAS 70 Service Auditor’s Report”

These are steps to follow in becoming SAS 70 compliant. It is the most logical, transparent, and efficient process you will find.

Visit the official SAS 70 Resource Guide to learn more about SAS 70 certification.

]]> http://itknowledgeexchange.techtarget.com/compliance-governance/sas-70-certification-learn-about-sas-70-type-2-audits/feed/ 0