Home Services Solutions About Us Contact Us Affiliations Partners                      
Sarbanes-Oxley
ISO 17799
HIPAA
Gramm-Leach-Bliley
FISMA
welcome to atibatechnolgy.com
SAS 70 - Operational Controls  
 
 

As our business economy expands, service organizations and providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. Service organizations, many of which are highly regulated such as hosted data centers, insurance, health care, banking, and credit processing companies, are required by the government and by their clients to provide assurances that they adhere to strict control procedures.

SAS 70 was developed by the American Institute of Certified Public Accountants (AICPA) as a simplification of a set of criteria for auditing standards. It provides a uniform reporting format for service organizations to disclose their control activities and processes to their customers.

Additionally, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SAS 70 audit reports even more important to the process of reporting on effective internal controls at service organizations.

A SAS 70 review can provide your company the following benefits:

  • The ability to assess readiness to undergo a SAS 70 review prior to the formal audit process.

  • It can help satisfy the requirements of Section 404 of the Sarbanes-Oxley Act

  • Assurances that you have adequate internal controls and safeguards over customer information and the business processes related to them.

  • It demonstrates to your customers a commitment to sound internal controls.

  • It can identify opportunities for improvement in various areas of operation within your organization.

A typical SAS 70 report created by ATIBA professionals will contain:

  • An evaluation on the design, implementation and effectiveness of controls for a specific audit period.

  • A description of the control environment, its control objectives and the key controls that are in place to achieve those control objectives.

  • Tests of operating effectiveness and the results of those tests.

ATIBA’s SAS 70 services can assist you in putting in place an acceptable SAS 70 framework that provides effective controls, or we can provide independent, objective reports on the design, implementation and operating effectiveness of the framework and controls currently in place in your service organization.