Posted By: | Friday, January 7, 2011
Previously HIPAA was only enforced at the Covered Entity level,
(e.g. Hospitals, Insurance Companies, Healthcare Providers, etc)
and the covered entity may have had contractual obligations with
their third party providers. New provisions include "Business
Associates" in the compliance regulations. These BAs are considered
to be any organization that’s responsible for the storing,
accessing, or processing of Protected Healthcare Information (PHI)
and normally includes organizations such as third... Read More »
Posted By: | Thursday, April 15, 2010
Has your organization decided that a SAS 70 is in your future?
Or, has a customer made it known that they will require you to
complete one? Either way, it sounds like you need one. And the
first step is to do proper planning and documentation of policies
and procedures so that you can assure success in completing your
SAS 70 Type I or Type II audit.
What should I suspect from a SAS 70 Readiness Assessment?
Simply put a comprehensive review of your organizations internal
policies, procedures, and... Read More »
Posted By: | Monday, April 19, 2010
There are two types of SAS 70 audits (Type I and Type II).
Many organizations are not certain which audit best fits their
needs or is required for their companies objectives. The
basic fundamental of a SAS 70 Type I audit is an audit report that
provides an opinion on the description of the service organizations
controls as of a point in time. This snap shot audit provides
a description of controls at the service organization that is
validated by an independent auditor.
SAS 70 Type I audits... Read More »
Posted By: | Wednesday, September 29, 2010
International standards will be replacing SAS 70 audits soon.
These new standards will bring more flexibility and responsibility
for service organizations. We've laid out some information below to
help you understand the change. For more
information, please contact us.
The International Auditing and Assurance Standards Board (IAASB)
felt a need for a common auditing standard to address the varying
differences in each countries audit requirements. As a result
the IAASB formed and issued the... Read More »
Posted By: | Friday, May 27, 2011
A sneak peek inside the standard changes.
Statement on Auditing Standards No. 70 (SAS 70 Audits) – These
somewhat common reports are an internationally-recognized
third-party assurance audit designed for service
organizations. It has become the most widely-accepted
compliance initiative that provides service organizations a
benchmark to compare their internal controls and processes against
industry best practices. SAS 70 was originally created in 1992 and
over the past five to ten years become... Read More »
Posted By: | Friday, August 2, 2013
What are the differences between a Type 1 and Type 2 SOC
We've seen numerous organizations confuse the TYPE of report
with the type of SOC standards to which they should adhere.
Clarifying the differences between SOC standards:
Read More »
- A SOC 1 report is for service organizations that impact or may
impact their clients financial reporting.
- A SOC 2 or 3 report is for service organizations that hold,
store or process information of their clients, not financial
reporting significant (e.g. would not...
Posted By: | Thursday, December 5, 2013
Many employers offer employees a flexible spending account (FSA)
benefit as part of their cafeteria plan (operated in accordance
with Internal Revenue Code Section 125) that is part of their
overall employee welfare benefits plan. FSAs allow employees to
contribute up to $2500 per year on a pre-tax basis which can be
used for approved types of medical expenses that are not otherwise
covered by insurance.
One of the downsides of an FSA from the employee’s standpoint is
the "use it or lose it"... Read More »
Posted By: | Thursday, November 14, 2013
I recently attended a conference of pension plan professionals,
and one of the topics of conversation was the Department of Labor's
(DOL) increase in examinations of tax qualified retirement plans.
The DOL can wreak havoc on a tax qualified plan in many areas,
including the assessment of civil penalties on the plan, the plan
sponsor, and responsible persons at the plan sponsor. Sometimes
these can lead to criminal prosecutions. Plan examinations are
often time consuming, expensive to conduct,... Read More »
Posted By: | Friday, February 1, 2013
Recognizing that many employers were unaware of their
responsibility to file an annual return for various types of
retirement and welfare employee benefit programs, the Department of
Labor (DOL) created the Delinquent Filer Voluntary Compliance
Program (DFVCP) in 1995. DFVCP allows an employer who has not
filed required Form 5500s to file all required Form 5500s for a
particular program at one time, and pay a reduced one-time
penalty. The penalty amount will vary depending on the number
of... Read More »
Posted By: | Wednesday, December 12, 2012
As we have previously discussed in other venues and
publications, an FASB Exposure Draft was issued in 2010 that would
significantly change lease accounting. Briefly, virtually all
leases would be considered a form of financing and even today’s
operating leases would become capital leases. An intangible
asset consisting of the “right of use” of the asset equal to the
lease liability is recorded at inception. Because debt would
go up and what is presently rent expense would... Read More »