SAS 70 Compliance

The expanded use of third party service providers by many organizations has left auditors and risk managers struggling to assertion vendor management, legislative and regulatory requirements from internal control procedures outside the ownership of their organization. As a result, the demand for SAS 70 compliance continues to gain momentum as these organizations are tasked with gaining assurance on the relevant internal controls and controls around financial reporting necessary to assist in managing third party service provider risk. This session will provide practitioners with information relevant to understanding SAS 70 compliance. Coverage will include SAS 70 usage, reporting, common areas of coverage, and comparisons with other types of attestations. The information will be relevant for members in the third party service provider industry, practitioners with third party service provider clientele, in addition to the user organizations and user auditors they serve.