August 23, 2008

SAS 70 Audits | What are the Benefits?

Filed under: Uncategorized — Tags: , , , , , — Charles Denyer @ 5:49 pm

SAS 70 audits have been around since 1992, but recent legislation has pushed the SAS 70 auditing standard into the spotlight. Namely, the Sarbanes Oxley Act of 2002 (SOX). When congress passed the SOX act, management of publicly traded companies were required to report on their company’s financials, and report on their internal controls in regards to financial reporting. Therefore, the SAS 70 quickly became the audit of choice for both user and service organizations, or rather, the de facto auditing standard.

As a user organization, the benefits of a SAS 70 are quite abundant. First off, when the user organization requests a SAS 70 report from their service organization, they get an official document outlining the service organizations internal controls. Additionally, they see that the controls were placed in operation, with possible tests of operating effectiveness (if a Type II Report) being performed. Most importantly, the user organization can supply their external auditors with the service organization’s SAS 70. In essence, this facilitates the user organization in auditing its financial statements. If no SAS 70 were present, the user organization would have to spend enormous time and effort in auditing the service organization for ensuring its compliance.

Service organizations receive significant benefits from this audit as well. To start with, it is a great way for a service organization to build trust with user organizations. Moreover, a SAS 70 report can entertain multiple customers’ audit requests. With no SAS 70 present, the service organization would likely spend too much time auditing “themselves” to entertain their customers requests, and less time conducting their business. Finally, a SAS 70 audit is the perfect opportunity to identify any weaknesses in your internal controls.

If you take a step back and look at these benefits to both user and service organization, it is clear to see that the SAS 70 is a powerful compliance tool currently being used and widely accepted by many industries. Combined with the fact that regulatory compliance legislation will only increase as time passes, one can clearly see the opportunities, but also the challenges that can lay ahead for a service organization.

Want to learn more about SAS 70 audits? Then receive SAS 70 sample reports from the official SAS 70 resource guide.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment



Blog Navigation

Subscribe

Fill out the form below to become a subscriber to the SAS 70 Resource Guide Newsletter. Your information will never be shared with any third-party vendor or company.

For the latest information about SAS 70, subscribe to the SAS 70 Resource Guide News Feed by following the links below.

RSS | atom

about feeds

SAS 70 Google News Alert Widget provided by Grazr