Services

SAS 70 Service Audits

In today’s fast-paced and complex business arena, a due diligence process is needed to assure companies of the safety and integrity of their data while in the hands of a third party service organization. SAS 70 audits provide this assurance by examining, documenting, and testing, as needed, an array of internal controls within third-party service organizations.

If your company provides outsourced services and is required to complete a Type 1 or Type 2 SAS 70 audit, Reznick Group can help meet this compliance. Our SAS 70 audits are performed by Certified Information Systems Auditors (CISA) with years of relevant IT and audit experience. We can assist large companies that are familiar with audit processes as well as smaller companies that may have no prior audit or SAS 70 compliance audit experience.

While each SAS 70 audit is different in terms of scope and pricing, one thing remains the same – Reznick Group’s commitment to quality and client satisfaction.

The engagement process is typically as follows:

Pre-Assessment
If desired, our SAS 70 team will issue a custom SAS 70 report of established and recommended controls for your organization’s consideration.

Identification of Control Objectives
Our SAS 70 team members work with you to identify business process and IT control objectives to be audited.

SAS 70 Report Execution
We work with you to craft your description of controls, and ensure all relevant identified controls are tested.

Finalization and Delivery
Issues are identified and communicated to you. Our SAS 70 audit team then makes specific recommendations for improvement and delivers a final SAS 70 report.

Related Services

• Third party assessments
• Next generation SAS 70 audits
• BITS shared assessments
• ISAE 3402
• Systrust©/Webtrust©
• Technology assurance