November 17, 2010 5:22 PM
Posted by: Charles Denyer
charles denyer,
description of controls,
description of system,
ndb,
SAS 70,
SSAE 16Enter SSAE 16 and it's new requirement for service organizations to provide a description of its "system". As for out with the old...
September 29, 2010 8:54 PM
Posted by: Charles Denyer
description of its system,
ISAE 3402,
SAS 70,
service organization,
SSAE 16,
written assertion by managementISAE 3402, The International Standard on Assurance Engagements,“Assurance Reports on Controls at a Service Organization” and SSAE 16, Statement on Standards for Attestation...
July 22, 2010 9:25 PM
Posted by: Charles Denyer
ISAE 3402,
SAS 70,
ssae 16 readiness assessments,
type 1,
type 2SSAE 16 Readiness Assessments will without question become a hot "to do" list for many service organizations who are effectively transitioning from SAS 70 to the new SSAE 16...
July 21, 2010 11:53 AM
Posted by: Charles Denyer
charles denyer,
ISAE 3402,
SAS 70,
SSAE 16SSAE 16, put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), will force a large number of service organizations to fundamentally re-address many of the compliance issues that they...
July 14, 2010 6:35 PM
Posted by: Charles Denyer
ISAE 3402,
SAS 70,
SSAE 16SSAE 16, the new attestation standard put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA), will effectively replace Statement on Auditing Standards No. 70 (SAS 70) as the primary standard used for...
May 17, 2010 11:24 AM
Posted by: Charles Denyer
charles denyer,
ISAE 3402,
SAS 70,
SSAE 16,
written assertion by managementISAE 3402, put forth by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC), will play a large and ever-expanding role for reporting on controls at service organizations. ...
December 11, 2009 1:42 PM
Posted by: Charles Denyer
charles denyer,
PCAOB,
Sarbanes-Oxley,
sarbox,
SAS 70,
SOXWell, i'm sure by now millions of people have read the article in Newsweek about how Sarbanes-Oxley (SOX) could be brought down to it's knees and killed.
Compliance auditors are getting cold...
November 25, 2009 8:20 PM
Posted by: Charles Denyer
charles denyer,
payment card industry data security standards (PCI DSS),
PCI DSS,
pci dss assessments,
SAS 70,
type IISAS 70 audits and PCI DSS assessments are truly starting to dominate the regulatory compliance landscape. For a large number of our firm's clients, we actively assess them for yearly SAS 70 and PCI DSS compliance. The chatter of late is surrounding what efficiencies of scale, if any, can be had...
November 20, 2009 1:14 AM
Posted by: Charles Denyer
aicpa,
BCM,
Business Continuity Disaster Recovery,
charles denyer,
control objectives,
SAS 70,
sas 70 type ii,
type iAs a SAS 70 auditor, i'm often asked if Business Continuity and Disaster Recovery (or any of the other similar terms and phrases used) is part of the actual SAS 70 audit. In fairness, it is even though "technically" it does not fall into a...
