The SAS 70 Auditing Standard Benefits

Service Organizations can benefit from Type I and Type II audits in a number of ways, such as gaining compliance for a well-known, industry wide accepted internal control audit. Additionally, a SAS 70 audit, if properly performed, helps service organizations mitigate or eliminate multiple requests from their customer’s auditors, ultimately saving and time and money. Service organizations can also use SAS 70 compliance as a marketing tool and product differentiator from their competition. More and more user organizations who are obtaining bids and proposals for services from service organizations are requiring them to be SAS 70 Type II compliant. It’s quite common to see Request for Proposals (RFP) handed down from user organizations requiring SAS 70 compliance as mandatory for any service organization answering a RFP.

SAS 70 and Internal Controls

From an internal service organization perspective, SAS 70 can be looked upon as a helpful and beneficial audit, effectively examining one’s internal control framework. Many times, auditors uncover deficiencies in a service organization’s control environment which could be potentially damaging from an internal control perspective. These findings, which ultimately lead to remediation, help strengthen a service organization’s internal controls. User organizations and service organizations will also typically build a closer and stronger working relationship as a result of the service organization going through a SAS 70 audit.

User organizations benefit in a number of ways. Primarily, their external auditors, known as user auditors, can rely on the SAS 70 Service Auditor’s Report in helping plan for the user organization’s financial audit. Without a SAS 70 audit from service organizations, user auditors would have to spend additional time in auditing these very service organizations, ultimately costing the user organization more money.

To view a sample audit conducting on a service organization you can download a sample SAS 70 report.