January 7, 2010 1:21 AM
Posted by: Charles Denyer
sas 70 audit compliance,
sas 70 resource guide,
sas 70 type ii,
Statement on Auditing Standards No. 70,
type iAs a SAS 70 Auditor, I'm often asked if a SAS 70 Type I is needed before conducting a SAS 70 Type II? The answer, YES and NO!
Yes, in that if an organization has never gone through a SAS 70 audit, has time to conduct a Type I audit, or has...
November 20, 2009 1:14 AM
Posted by: Charles Denyer
aicpa,
BCM,
Business Continuity Disaster Recovery,
charles denyer,
control objectives,
SAS 70,
sas 70 type ii,
type iAs a SAS 70 auditor, i'm often asked if Business Continuity and Disaster Recovery (or any of the other similar terms and phrases used) is part of the actual SAS 70 audit. In fairness, it is even though "technically" it does not fall into a...
July 28, 2009 3:45 PM
Posted by: Charles Denyer
charles denyer,
consumer information,
dates of birth,
EIN,
payroll companies,
sas 70 type ii,
SAS70 Type I,
social security numbersSAS 70 for payroll companies is fast becoming a requirement in this industry. And why? Because payroll companies conduct critical and material outsourcing functions for many organizations in today's business arena. What's more, they have a...
July 24, 2009 7:53 PM
Posted by: Charles Denyer
charles denyer,
internal control audit,
internal controls,
obama,
Registered Invesment Advisers,
RIA,
sas 70 type ii,
Statement on Auditing Standards No. 70,
suprise auditSAS 70 Audit and Compliance will soon be entering the financial services and financial sector in a much more in-depth manner in the coming years. Sure, SAS 70 audits have been widely used on asset accounting, hedge funds, trust establishments, but the push will be much further and deeper in the...
May 31, 2009 3:33 PM
Posted by: Charles Denyer
Add new tag,
change management,
charles denyer,
Maintain an Information Security Policy,
PCI DSS,
policies and procedures,
requirement 12,
SAS 70 Type I,
sas 70 type iiPolicies and Procedures-it's such a common theme and phrase in today's regulatory compliance and governance arena, so much so, i think it should have it's own Wikipedia page. It can be an arduous undertaking in developing these documents. Furthermore, policies and procedures are becoming...
March 20, 2009 6:34 PM
Posted by: Charles Denyer
aicpa,
audit,
charles denyer,
IIA,
isaca,
remediation,
sas 70 compliance,
sas 70 compliant,
sas 70 readiness assessment,
sas 70 resource guide,
sas 70 type iiBeing SAS 70 compliant is quickly becoming a requirement for many service organizations (i.e., companies that provide outsourcing to another entity) in today's business arena. Many companies, however, voice frustration in not really understanding the audit...
March 20, 2009 6:20 PM
Posted by: Charles Denyer
audit,
charles denyer,
general controls audit,
managed services sas 70,
SAS 70,
sas 70 compliance,
sas 70 resource guide,
sas 70 type iiSAS 70 compliance is commonplace for many of today's businesses. Unfortunately, one of the missing ingredients in understanding SAS 70 compliance is the scope of the audit. That's right. The who, what, when, where, and why of the actual SAS 70 audit process....
February 23, 2009 5:13 PM
Posted by: Charles Denyer
sas 70 internal controls,
SAS 70 Type I,
sas 70 type iiSAS 70 audits test a wide array of internal controls within your organization for helping ensure SAS 70 Type I or Type II compliance. What's interesting to note about these "internal controls" is that you need to truly understand what they are...
February 23, 2009 1:11 AM
Posted by: Charles Denyer
aicpa,
regulatory compliance,
SAS 70 Type I,
sas 70 type ii,
sas70.us.com,
service organizations,
What is SAS 70?What is SAS 70? For us in the regulatory compliance and Information Technology world, this would be an absurd question. Well, put yourself in the shoes of businesses who work hard everyday, struggling to make ends meet, and then suddenly,...
