I have a quick question regarding SAS-70 Certification. If my company completes a SAS-70 audit, does that automatically make us certified or are there additional steps for certification? also when we get certified how long does that certification last before it will need to be renewed? any information would be very helpful. Thanks
Answer Question | January 19, 2011 3:36 PM
Auditing (compliance), Auditing Standards, CPA, IT certification, SAS 70
I need some advice from other security experts. I was recently hired to work for a small company where our data and infrastructure is at a managed hosting facility. The hosting service has a SAS 70 that is regularly audited. My company in the past relied – almost solely – on the managed service security [...]
Answer Question | January 5, 2011 3:49 AM
ISO 17799, Network security, Network Security Policies, SAS 70, SAS 70 Type II audit compliance, Security Program Management
Hello If a customer don’t wants to execute the SAS70 type 2 audit – is there any other compliance standards that you can choose from ? That is to get the same compliance documentation/status but not execute the SAS70 type 2 audit? Is there any light version of the SAS70 standards?
Answer Question | November 9, 2010 8:37 AM
Auditing, Auditing (compliance), SAS, SAS 70, SAS 70 Type II audit vendor, SAS70 type 2 audit replacement, Windows, Windows Server 2003, Windows Server 2003 Audit Policy, Windows Server 2008
I’m looking for recommendations someone who has used similar services – a Security auditing vendor for SaaS applications and a SAS-70 vendor in DC/MD/VA area for a small company.
Answer Question | May 20, 2010 7:27 PM
SaaS, SAS 70, SAS 70 Type II audit vendor, Security Audit, Security Auditor
The electrical network that feeds the access points, CCTV cameras, intruder detectors, etc. must need to be independent from the electrical system that feeds the computing equipment? Is it right to ask if the logs of access point are backed up and kept in a secure place? what about the videos that cameras are recording? [...]
Answer Question | June 30, 2009 3:11 PM
Auditing, Data Center, Data Center Audits, IT audit, SAS 70
I would like to have a look at the standard list of questions that an auditor might ask when undertaking an SAS 70 audit……
Answer Question | May 27, 2009 8:51 AM
Auditing, SAS 70, SAS 70 Type I, Statement on Auditing Standard 70
Names of SAS 70 Compliant ISPs
Answer Question | September 26, 2008 11:47 AM
ISP, SAS 70
When benchmarking a SAS70 audit to determine if the necessary controls were audited, what standards do you use as guidance to determine the controls to be tested and the control objectives? Does IT rely on internal audit for guidance or do you have your IT processes documented?
Answer Question | June 25, 2008 5:13 AM
Auditing, Compliance, Risk analysis, SAS 70