White Papers provided by the SAS 70 Resource Guide

Helpful Glossary for SAS 70 Type I and Type II Audits

A great way to learn about SAS 70 Type I & Type II audits is to be able to understand and comprehend the most common glossary of terms used that are related to the auditing standard. Because more and more service organizations are undergoing a SAS 70 audit, it would be wise to learn about all the technical and non-technical terms, jargon, and phrases used by auditors who conducts these audits.

If you are a service organization, its a good idea to know what the definition of a user organization is, what the elements of internal control are, what is SAS 55, and many other terms, just to name a few.

You would also want to know phrases such as additional information provided by the service organization and what type of content is input into this section. As of late, most service organizations have been including a brief summary of their business continuity and disaster recovery planning (BCDRP) documentation as proof that they have an adequate plan in place.

Other helpful terms that you would benefit from knowing include the following:

1. Independent Accountant (or Service Auditor's) Report
2. Information System
3. Internal Controls
4. Management's Comments
5. On-site fieldwork

All these terms and phrases can be found by accessing the SAS 70 glossary of terms section at the official SAS 70 Resource Guide.

Additionally, if you want to learn more about what is SAS 70, you can visit many other sections, such as the white paper section, along with the industry news section. Moreover, SAS 70 sample reports are available electronically for interested readers who wish to learn more about the auditing standard.