There is a standard template for Control Objectives available on the AICPA website. That is usually very useful in beginning to understand control objectives.
The Control Objectives are a lot like Policies – they make a statement. From there you need to have control procedures that meet the control objectives – these are what the auditors will test to confirm that your controls are in place.
It’s also good to consider what clients are asking for a SAS 70 report. What applications do they care about? There are good application Control Objectives you can apply to such applications.
Try reading some SAS 70 reports from companies similar to your own for some ideas.