Subscribe for NewsLetters
Email: *
 
First Name: *
 
Last Name:
 
Organization:
 
Position:
 
Country:
Enter Captcha:*
captcha
Search_btn
Case Ware Analytics Ad   Business Case
Futr 468x60 (1)
Asv Banner
C Risk Academy Banner

AuditNet® Audit-library::Sas-70-resources-for-auditors

SAS 70 is an acronym for the American Institute of Certified Public Accountants (AICPA) Statement on Auditing Standard (SAS) 70, titled “Reports on the Processing of Transactions by Service Organizations”. SAS 70 defines the professional standards used by a service auditor to assess the internal controls of a service organization and issue a service auditor’s report. Service organizations are typically entities that provide outsourcing services that impact the control environment of their customers. Examples of service organizations are insurance and medical claims processors, trust companies, hosted data centers, application service providers (ASPs), managed security providers, credit processing organizations and clearinghouses.

There are two types of service auditor reports. A Type 1 service auditor’s report includes the service auditor's opinion on the fairness of the presentation of the service organization's description of controls that had been placed in operation and the suitability of the design of the controls to achieve the specified control objectives. A Type 2 service auditor’s report includes the information contained in a Type 1 service auditor's report and also includes the service auditor's opinion on whether the specific controls were operating effectively during the period under review.

from SAS 70 Solutions.com



RESOURCES

DESCRIPTION

www.cpa2biz.com

Website where customers can purchase a copy of the SAS 70 standard, current SAS 70 audit guide (which includes a complete copy of the standard), and related SAS 70 materials.

Glossary of Terms

A complete list of the most commonly used SAS 70 audit terms.

FREQUENTLY ASKED QUESTIONS (FAQs)

An collection of the most commonly asked questions regarding SAS 70 audits.

SAMPLE DOCUMENTS

VENDOR

 

Vendor Interview Questionnaire

SAS 70 Audit Request for Proposal Tool

SAMPLE DOCUMENTS

TYPE 1

SAS 70 Audit Request for Proposal Tool

Sample Type 1 SAS 70 audit opinion letter

Type 1 Opinion Letter Demonstrating the Inclusive method

Type 1 Opinion Letter Demonstrating the Carve Out Method

Sample Type 1 SAS 70 audit management representation letter

SAMPLE DOCUMENTS

TYPE 2

Sample Type 2 SAS 70 audit opinion letter

Type 2 Opinion Letter Demonstrating the Inclusive method

Type 2 Opinion Letter Demonstrating the Carve Out Method

Sample Type 2 SAS 70 audit management representation letter

QUALIFIED OPINION EXAMPLES

 

Fairness of presentation

Suitability of Design

Operating Effectiveness

INDUSTRY LEADING VENDORS

SAS 70 Solutions

Deloitte & Touche

Ernst & Young

KPMG

PriceWaterhouseCoopers

MISCELLANEOUS WEBSITE LINKS

A SAS 70 Auditor’s Response to the Critics

White paper exposing common errors and misconceptions regarding SAS 70 audits.

www.sas70.com

Website maintained by an Ernst & Young partner that is designed to provide SAS 70 background information and garner sales leads.

http://www.polarcove.com

Article containing SAS 70 overview and planning information.

www.CSOonline.com

CSO.com article regarding SAS 70 audits.

SAS70 Solutions firm specializing SAS 70 audit services provides resources and tools for auditors.

SAS 70 Article from the security officers perspective

SAS 70 Articles and Whitepapers

SAS 70 Overview and Planning Guide

Audit Documents

  1. SAS 70 Evaluation Checklist (Apr 06)

  2. SAS 70 Evaluation Guidance (Apr 06)

  3. SAS-70 Review (Oct 05)

  4. SAS 70 Type 1 Fraud Assessment Template (July 05)

  5. SAS 70 Type 2 Fraud Assessment Template (July 05)

  6. SAS 70 Type 2 Internal Control Evaluation Checklist PDF

  7. SAS 70 Type 2 Internal Control Evaluation Checklist Excel