SAS 70 and SSAE 16
Does your service organization demonstrate it has the safeguards necessary to protect customer data? A successful SAS 70 audit will differentiate you in the marketplace. LarsonAllen's CPAs and certified security professionals will help you design the internal controls needed to securely host and process confidential information.
- Demand for SAS 70 audit or service auditor's examination
- Proving your commitment to internal controls
- Complying with Section 404 of the Sarbanes-Oxley Act of 2002 (SOX 404)
- Protecting against network penetration
- Safeguarding customer information
- Securing modems to wireless signals (internal vulnerabilities)
Our SAS 70 services
- SAS 70 readiness assessment (pre-assessment)
- Service Auditor's Report, Type I (reports on controls in operation)
- Service Auditor's Report, Type II (reports on controls in operation and tests of operating effectiveness)
- Implementation of SAS 70 safeguards (in case of a Type II engagement)
LarsonAllen's national SAS 70 auditors strictly follow the American Institute of Certified Public Accountants (AICPA) standards and guidance to provide Statement on Auditing Standards (SAS) No. 70
To prepare your service organization for the audit relative to controls and documentation, we may build a pre-assessment phase into the engagement. We will collaborate with the leaders in charge of internal processes to conduct on-site sessions and identify key controls (and relate deficiencies). Working together, we'll develop a strategy to document and remediate deficiencies.
LarsonAllen has experience with a number of enterprise data processing systems, operating systems, and network protocols. Our team includes professionals with accounting, auditing, and information security credentials. By leveraging our financial services industry knowledge with our IT auditing expertise, we provide exceptional SAS 70 audit services.
Replacing SAS 70 with SSAE16
SAS 70 will soon be replaced by Statement of Standards for Attestation Engagements (SSAE) No. 16. This major change will be required for all service organization control reports with periods ending June 15, 2011. More
Frequently asked questions about SAS 70
View answers to the commonly asked questions
we're receiving from leaders of organizations across all industries we serve.
Contact us for more information.