Why are you still being asked for a SAS 70 on RFPs?

Wednesday, December 14, 2011 by Robert Brenis CGEIT, CISA, CRISC, PMP

Because the people asking do not know about the changes that have been made.

On June 15, 2011, the SAS 70 was split into two different standards: a new standard (SSAE 16) and an existing standard (AT 101).

These two different standards are used for two different reasons:

The SSAE 16 focuses on controls at service organizations likely to be relevant to user entities’ internal control over financial reporting.

The AT 101 focuses on controls that do NOT affect its clients’ internal control over...

Is Your Customer’s Information Secure?

Monday, April 4, 2011 by Robert Brenis CGEIT, CISA, CRISC, PMP

Over the weekend, a security breach at Epsilon, an online marketing unit of Alliance Data Systems Corp., exposed millions of people to phishing attacks. Epsilon’s customers include well-known and large companies such as Citigroup Inc., Capital One Financial Corp., JPMorgan Chase & Co., U.S. Bank, Barclays Bank, Ameriprise Financial Inc., Walgreens, Kroger Co., New York & Co., Verizon Communications Inc., TiVo Inc., the Home Shopping Network, Hilton Hotels, Best Buy, Disney Destinations, Kraft...

Microsoft Announces Three Offers for its Microsoft Dynamics ERP Systems (GP, NAV, BE, AM)

Wednesday, March 16, 2011 by Robert Brenis CGEIT, CISA, CRISC, PMP

Microsoft has recently announced three offers for its Microsoft Dynamics ERP systems, valid from now until June 24, 2011.

New Microsoft Dynamics Customers

With the “Buy 1, Get 3” offer, growing and medium-sized businesses can take advantage of the rich functionality, low cost of ownership, and rapid deployment offered by Microsoft Dynamics NAV and Microsoft Dynamics GP. This promotion allows a customer purchasing either the Advanced Management (AM) or Business Essential (BE) Foundation Pack...

IT E-Newsletter - Fall 2010

Tuesday, October 26, 2010 by Robert Brenis CGEIT, CISA, CRISC, PMP


Mainstream Support for Microsoft Dynamics GP 9.0 will End January 11, 2011

Mainstream support for Microsoft Dynamics GP 9.0 will end on January 11, 2011 per the Microsoft Support Lifecycle Policy.

Green Tip: Download Your Software

Instead of shopping for software at the store, simply download what you need directly from those clever folks on the Internet. You'll save resources, as well as time and fuel. CDs are made out of nonrenewable...

Frequently Asked Questions about SAS 70 Audits

Monday, July 5, 2010 by Robert Brenis CGEIT, CISA, CRISC, PMP

When companies receive a request for a SAS 70 audit, their first question is often, “What is this, and why am I being asked for it?”

A SAS 70 audit (Statement on Auditing Standards No. 70) is one function of auditing that assesses the internal controls of a service organization. When a service organization has access to important information, such as employee banking information, Social Security numbers, etc., it needs to be determined that the manner in which this information is stored and...

Frequently Asked Information Technology Questions

Monday, June 21, 2010 by Robert Brenis CGEIT, CISA, CRISC, PMP

CPAs are increasingly being asked to solve the information technology problems of their clients and prospective clients, according to a new survey by the American Institute of CPAs.

This year, the AICPA’s Top Technology Initiatives Survey asked AICPA members to rank a list of questions heard most often from audit committees, chief financial officers and chief information officers. With a renewed focus on IT-related issues, the survey makes it clear that CPAs need to understand information...

SSAE No. 16 to replace SAS 70 in June 2011

Wednesday, May 5, 2010 by Robert Brenis CGEIT, CISA, CRISC, PMP

In June 2011, the SSAE No. 16 will replace the SAS 70 as the standard for reporting on service organizations.

Statement on Standards for Attestation Engagements (SSAE) No. 16

The SSAE No. 16 was finalized by the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) in January 2010. It was drafted to replace the SAS 70 as a more effective standard for reporting on service organizations, and to update the US service organization reporting standard so that it fits...

FRx Discontinued; Paves Way for Microsoft's New Business Intelligence Program

Tuesday, March 23, 2010 by Robert Brenis CGEIT, CISA, CRISC, PMP

Microsoft currently offers three Corporate Performance Management (CPM) programs: FRx, Forecaster and Enterprise Reporting, which aid businesses in the areas of financial reporting, planning/budgeting/forecasting, and consolidation. Starting in May 2010, the capabilities of these CPM programs will gradually be combined into one program, Microsoft Dynamics Management Reporter, as part of an integration process that will take place over the next four years.

May 2010 marks the first step of the...

Securing Your Business

Thursday, September 3, 2009 by Robert Brenis CGEIT, CISA, CRISC, PMP

When they read that they should secure their network, most business people assume their IT people are taking care of this. How can you be sure? Answer: you trust them. Great, but what if they aren’t staying current with technology and are using old techniques…

You may trust them, and they may be doing what they know how to do, but you still have vulnerabilities. In a recent article in InformationWeek magazine, Greg Shipley, Tyler Allison, and Tom Wabiszczewicz write about five...

Posting Your Birthday on Social Networks Makes Identity Theft Easier

Thursday, July 16, 2009 by Robert Brenis CGEIT, CISA, CRISC, PMP

Identity thieves are now taking advantage of information publicly posted to social networks to make it easier to steal Social Security numbers.

According to a recent study, an estimated 10 million Americans publish their birthdays in online profiles or provide enough information for their birthdays to be inferred. Depending on the state, the accuracy with which SSNs can be guessed in 100 attempts, based on the date and place of birth, varies from 0.08% to over 10%. Combined with a computer program...

CISA Named Best Certification by SC Magazine

Sunday, May 3, 2009 by Robert Brenis CGEIT, CISA, CRISC, PMP

In the information technology world, there is such a variety of professional certifications available that after a while it all starts to look like alphabet soup. SC Magazine, the magazine for IT security professionals, sorted through the clutter and named one certification best of the best: the Certified Information Systems Auditor (CISA) credential.

According to SC Magazine, “the technical skills and practices that CISA promotes and evaluates are the building blocks of success in the field....
