Regulatory Compliance, Governance and Security:

SAS 70


September 20, 2008  2:23 PM

SAS70 Checklist | How to Prepare for a SAS70 Audit



Posted by: Charles Denyer
audits, SAS 70, SAS 70 checklist, SAS 70 readiness questionnaire, sas70, sas70 sample reports, Security

As a SAS70 auditor, I'm often asked about how organizations should prepare for a SAS70 audit. In fact, companies and organizations alike commonly ask me for a SAS70 checklist. I simply reply by asking: a checklist for what? On how to prepare for the audit, on what the audit scope is, etc.? You see,...

August 28, 2008  1:07 PM

SAS 70 Audits for Data Centers & Managed Services



Posted by: Charles Denyer
Compliance, data centers, DataCenter, managed services, SAS 70, SAS 70 download, SAS 70 readiness questionnaire, sas70 sample reports

If you are a data center or managed services provider and need a SAS 70 audit, then here are some helpful tips and strategies for finding the right firm, getting a fair and equitable fee, and for ensuring you have the proper scope for the audit. Today's data centers are complex entities, providing...


August 27, 2008  12:05 PM

SAS 70 Audit Checklist | Preparing your Organization



Posted by: Charles Denyer
SAS 70, SAS 70 checklist, SAS 70 readiness questionnaire, sas70, sas70 sample reports

The tremendous growth of SAS 70 audits has been felt in many industries, requiring service providers (commonly known as service organizations in the SAS 70 world) to undergo an annual SAS 70 Type II audit. If your organization is new to the SAS 70 audit process, here are some helpful tips for...


August 26, 2008  8:05 PM

SAS 70 Audits & Software as a Service (SaaS) | Helpful Audit Tips



Posted by: Charles Denyer
Compliance, regulatory compliance, SaaS, SAS 70, sas70, sas70 sample reports, Software as a Service

The Software as a Service (SaaS) industry and SAS 70 audits actually have quite a bit in common. First and foremost, both the SAS 70 auditing standard and the SaaS industry have seen explosive growth in the past five years, thanks in large part to regulatory compliance and the advent of technology....


August 26, 2008  7:43 PM

Gramm Leach Bliley Act (GLBA) Compliance & SAS 70



Posted by: Charles Denyer
GLBA privacy rule, GLBA safeguards rule, SAS 70, SAS 70 download, sas70

The Gramm Leach Bliley Act, commonly known as GLBA, has certain provisions that require organizations, such as financial institutions (banks, online trading entities), to protect confidential consumer information. Unfortunately,...


August 26, 2008  12:36 PM

SAS 70 & Sarbanes Oxley (SOX) | What You Need to Know



Posted by: Charles Denyer
regulatory compliance, Sarbanes-Oxley, SAS 70, sas70, sas70 sample reports, section 404 sox

The relationship between Sarbanes-Oxley and SAS 70 begins with Section 404 of the 2002 Sarbanes Oxley Act (SOX). Because management must report annually on its effectiveness of internal controls, it then has a fiduciary responsibility and a requirement to inspect on controls considered critical...


August 26, 2008  12:25 PM

PCI & SAS 70 Audits | Cost Savings Initiatives



Posted by: Charles Denyer
PCI, pci compliance, PCI DSS, SAS 70, sas70, sas70 sample reports

If your organization is required to be SAS 70 compliant along with obtaining a PCI DSS assessment, then it's time to think about creating efficiencies of scale when conducting both the audit for SAS 70 and the assessment for PCI compliance. By no means are there perfect synergies; rather, both...


August 26, 2008  11:23 AM

SAS 70 Audits | Tips on Preparing Your Organization



Posted by: Charles Denyer
regulatory compliance, Sarbanes-Oxley, SAS 70, SAS 70 download, SAS 70 readiness questionnaire, sas70, sas70 sample reports

SAS 70 audits are being performed on many service organizations in today's growing regulatory compliance economy. From federal legislation, such as Sarbanes-Oxley to HIPAA, the SAS 70 auditing standard has been pushed to the...


August 26, 2008  11:10 AM

SAS 70 Audits and Third Party Administrators (TPA)



Posted by: Charles Denyer
HIPAA, SAS 70, SAS 70 download, sas70, Third Party Administrator, TPA

As a SAS 70 auditor for many years, I've seen a huge increase in the number of third party administrators (TPA) that are required to go through a SAS 70 Type I or SAS 70 Type II audit. Many of these TPA organizations are considered small, with limited budgets, thus they voice a great deal of...


August 18, 2008  3:30 PM

SAS70 Audits and PCI Assessments | GAP Analysis



Posted by: Charles Denyer
Compliance, pci compliance, pci dss qsa, SAS 70, sas70, What is SAS 70?

Many organizations are now being required to be SAS70 and PCI DSS compliant. With that said, I am often asked where the synergies or overlaps are for a SAS70 audit, which can only be done by a CPA firm, and a PCI DSS assessment, which can only be done by a qualified PCI QSA individual. My answer...

