sas 70 type i type ii

SAS 70 Certification | Learn about SAS 70 Type 2 Audits

SAS 70 certification is becoming a hot topic for many organizations in today’s business world. You name the industry, and i can almost guarantee you that somebody has had to be SAS 70 compliant. Though the term SAS 70 certification is technically incorrect, because you are not really becoming “certified”, rather, you are becoming compliant. Not a big issue, just wanted to clear up a technicality that I hear quite a bit about.

So, back to SAS 70 “certification”. What you need to know is that it is a multi-step process which includes the following phases:

1. SAS 70 Readiness Assessment
2. Remediation for anything uncovered during the Readiness Assessment
3. On to the audit-That is, fieldwork for a SAS 70 Type I or Type II.
4. Findings from the auditor and drafting of the report
5. Issuing the report, which is technically called a “SAS 70 Service Auditor’s Report”

These are steps to follow in becoming SAS 70 compliant. It is the most logical, transparent, and efficient process you will find.

Visit the official SAS 70 Resource Guide to learn more about SAS 70 certification.

SAS 70 Type II Audits | A Discussion on Pricing | Auditor’s Expert Opinion

SAS 70 pricing is much like that of a roller coaster ride. I’ve personally seen the wild swings in the market within the last 3 to 5 years. How volatile has pricing been? Quite a bit and it’s based on a number of issues currently facing the market. Thus, the more informed you are, the more information you will have to make an informed decision on who to use and why.

As recently as three years ago, the number of providers were relatively small, thus fees were at a level where not much compromise was given by CPA firms in regards to pricing. Well, the SAS 70 fanfare is alive and now well, with dozens and dozens of firms providing these audits. And truthfully, its justifiable to see prices come down as more competition results in lower fees. Hey, it is capitalism, right?

Please be aware though that there are a number of CPA firms practicing in states without licenses. Additionally, many of these CPA firms never actually do the work; rather they use outsourced personnel. In short, if you receive a low fee, be cautious because they may not of gone through the licensing requirements for a respective state and may simply be outsourcing the work to I.T. contractors at greatly reduced rates. These conditions, and more, affect the quality of the report and the validity of the report, so buyer beware. This is just an introduction to the pricing issue. Stay in touch, as I will have much, much more to say on this issue regarding SAS 70 audits.

SAS 70 Audits | Understanding PRICING for SAS 70 Engagements

SAS 70 Type I and Type II audits have become common for many organizations providing critical outsourcing services to companies. Known as service organizations, they have all landed on the regulatory radar of having to be SAS 70 compliant, due in large part because of Sarbanes Oxley (SOX) or any other large number of federal regulatory compliance mandates.. I’m often asked how much does a SAS 70 Type I or Type II audit cost. Well, that depends on a number of factors and circumstances that will be discussed today.

Issue #1: Choosing a Firm for the SAS 70 Audit

There are a number of providers available for SAS 70 audits, ranging from regional CPA firms to the nationally recognized big four firms. And as with anything in life, most organizations try to find the most value for their money, but remember, you get what you pay for. Small firms may be cost-effective, but they may lack the expertise and name recognition of other firms. The big four accounting firms will charge you a heavy premium audit fee, yet you get their name on the report, ultimately giving it a high level of recognition, simply based on who they are.

Remember, SAS 70 Type I and Type II audit prices have a wide range, so it’s probably a wise choice to pick in between, that is, a firm who is specialized, nationally known, not too large and bureaucratic, and provides you with a cost-effective, “fixed fee” that is fair, equitable, and you can live with.

Issue #2: Scoping the SAS 70 Audit

Numerous factors ultimately come into play for pricing considerations, but scoping is extremely important. It tells you and the CPA firm what will be tested, where it will be tested, and how long the test period will be, if a SAS 70 Type II audit is being performed.

To learn more about SAS 70 audits, visit the official sas 70 resource guide.