Overview
Practice Leaders
Contact
Locations
Success Stories
Strategic Alliances
Career Opportunities
Conferences & Events
Search Openings
Benefits
SC&H Group's Tim Ellenwood to Speak at Lunch and Learn hosted by WorkforceTactix
Assurance
Business Performance Management
Business Risk Services
Government Contractor Consulting Services
Internal Audit
Management Consulting Services
Mergers & Acquisitions
Personal Financial Planning
SC&H Search
State and Local Tax
Supplier Assurance
Tax and Business Advisory
Unclaimed Property
Archive
Press Releases
Articles
Resource Links
Search Openings
Benefits
What Our Employees are Saying About Us
SC&H Assurance »
Overview
Financial Statement Audits and Reviews
Valuation for Financial Reporting
SAS 70 Audits »
SAS 70 Readiness Reviews
SAS 70 Type I Audits
SAS 70 Type II Audits
Complete the following form to forward this page...
To:
Name:
E-mail:
From:
Name:
E-mail:
Your message:

Statement on Auditing Standards (SAS) No. 70

Statement on Auditing Standards No. 70 (SAS 70), Service Organizations, is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). The SAS 70 auditing standard provides the opportunity for service organizations to disclose their control activities to their clients and to their client’s auditors in a standard reporting format. A SAS 70 audit communicates that a service organization has had its control activities examined by an independent accounting firm. A formal SAS 70 report including the auditor’s opinion is issued to the service organization at the conclusion of a SAS 70 audit. SC&H’s SAS 70 audits are conducted in accordance with the AICPA auditing standards.

SC&H offers comprehensive SAS 70 services that include SAS 70 Readiness Reviews and SAS 70 Type I and Type II Audits.  While each part of our SAS 70 audit program adds value for our clients, forward-thinking companies elect to go through the entire SAS 70 audit program.  Experience has shown that an unqualified SAS 70 Type II report is the most beneficial SAS 70 Report for service organizations.

SAS 70 Readiness Reviews

A readiness review is generally performed for service organizations that are new to the SAS 70 audit process. The purpose of a Readiness Review is to define the key control objectives and control activities that will be covered in the upcoming SAS 70 audits, and to identify those control weaknesses that need to be corrected before the SAS 70 Type I and Type II time periods begin. Read more...

SAS 70 Type I Audits

A SAS 70 Type I report documents that the service organization’s business process and information technology controls are effectively designed and implemented. In a SAS 70 Type I audit, SC&H expresses an opinion on the fairness of the presentation of the service organization’s description of controls that have been implemented. Additionally, SC&H expresses an opinion on whether the controls were effectively designed to achieve specified control objectives at a specific point in time. Read more...

SAS 70 Type II Audits

A SAS 70 Type II report includes the information contained in a Type I report, as well as an opinion expressed by SC&H on whether the service organization’s controls were operating effectively over a specific time period – typically six to twelve months. In a SAS 70 Type II audit, SC&H performs testing of the service organization’s controls in order to determine whether the operational effectiveness of the controls provides reasonable assurance that the control objectives were achieved during the time period specified. An unqualified SAS 70 Type II Report is required by clients to meet their compliance needs (e.g., Sarbanes-Oxley, GLBA, and HIPAA). 
Read more...

To report broken links or other Web Site problems, email Jess Moore.