SAS 70

SAS 70:  The Statement on Auditing Standard (SAS ) No. 70 was adopted by the American Institute of Certified Public Accountants  around 1993. It was intended to establish a standard  for the gathering of evidence on internal controls of a service organization (SO)  associated with the delivery of services related to the controls  of data for the preparation of financial reports  that impact the accuracy of the financial reports.  SAS 70 created an audit of internal controls over financial reporting (ICFR) and did not apply to privacy or security audits of Service Organizations Controls. (SOC)  The audits were to be performed and reported on by Certified Public Accounts (CPAs) other than the service user’s auditor.  The standards of SAS 70 have been replaced by those of a SOC 1 Audit.

Leave a Reply

Your email address will not be published. Required fields are marked *

Go back to top