SAS70 Audits for Data Centers | Step by Step SAS70Audit Process

Learn more about SAS70 audits for data centers by reviewing the step by step SAS70 audit process. From beginning to end, a number of steps, activities, and deliverables must be undertaken for ensuring the audit is successful. From the initial SAS70 readiness questionnaire assessments to the delivery of the final audit report, both the CPA firm conducting the audit and the data center employees will be working together in a collaborative manner for the audit.

Follow this step by step process if you are a data center or co-location facility that will be performing a SAS70 audit in the near future:

• First and foremost, identify the scope of the SAS70 audit. Though it sounds quite straightforward, every CPA firm approaches scope in a slightly different manner. When identifying scope, there are a number of items to keep in mind, such as the following: Does the scope of the audit satisfy your client’s demands? Does the scope of the audit conform to industry accepted standards for SAS70 audits on data centers?
• Once the scope has been identified, it’s critical to begin the planning process with the auditors. A series of planning meetings should include a discussion on the following items: SAS70 readiness questionnaire assessment and when it will be done (if deemed necessary), discussion of type of sampling that is conducted for the audit (this is important as auditors have varying views on the numbers and amounts done on audit sampling), discussion that identifies key personnel involved in the audit from both sides. These are just a few starting point items, but they will get your organization going in the right direction.

If you want to learn more about SAS70 audits, then visit the official SAS70 resource guide, where you can obtain SAS70 sample reports for review. These reports are an excellent reference in learning more about SAS70 audits.