Information Technology Blog

When companies receive a request for a SAS 70 audit, their first question is often, “What is this, and why am I being asked for it?”

A SAS 70 audit (statement of auditing standards no. 70) is one function of auditing that assesses the internal controls of a service organization. When a service organization has access to important information, such as employee banking information, social security numbers, etc., it needs to be determined that the manner in which this information is stored and shared is safe and secure.

Imagine you are a big company and another company handles your payroll. The payroll company has your employee names, Social Security numbers and access to your money, so it would need a SAS 70 because they are a service provider for your organization. A SAS 70 audit will ensure that the information shared is secure.

How does a SAS 70 audit benefit a service company?

Being compliant opens doors for more work. A lot of companies are getting inquiries from prospective clients asking, ‘Are you SAS 70 compliant?’ If they say no, that’s the end of the conversation. It’s a great marketing tool for a lot of organizations, and it helps you identify areas where you have weak controls.

Click here to read more about SAS 70 audits or here to watch my video with more information on SAS 70s and post a comment below or contact our SAS 70 Team at 440-449-6800 with any questions.