Amper Politziner & Mattia Home Page - www.Amper.com

view more information like this on www.amper.comSAS 70 Services

Our Services | Considering a SAS 70 Audit? | Already Undergoing a SAS 70 audit?

Our Approach
If you are looking for a firm that works with you in performing your SAS 70 examination rather than just testing your organization for compliance, you’ve come to the right place.

We view each and every SAS 70 audit as an opportunity for the service organization’s management to objectively look at the organization from its customer’s point of view and ask the question – What matters to me as a customer of XYZ service organization?

After a service organization has been through one or more SAS 70 examinations they have a tendency to use the same control objectives and control activities for each successive review. While this would seem to be an efficient way of performing the audit, it may result in an audit that does not accurately reflect the current business environment.

Accounting for change
Our experience performing SAS 70 examinations has taught us that no company remains static. As the business environment, the economy and even personnel change, its business objectives, requirements and processes also adjust.  Service organizations need to assess these effects on the scope of its SAS 70 examinations.

In every SAS 70 engagement we perform, whether it is the service organization’s first or fiftieth, we follow a thorough methodology.  We question

  • the scope of each examination
  • any changes in the business since the previous audit
  • the validity of the control objectives and activities
  • the criticality of locations and products included in the scope
  • whether changes have been incorporated into the scope

A realistic scope
It is our responsibility as professional service auditors to ensure that management has crafted a realistic, sound and appropriate scope for the examination each and every time a SAS 70 audit is performed.  And as a firm, we believe spending time with the service organization’s management to craft an appropriate scope leads to a better examination every time.

For more information, as well as a complimentary consultation to discuss how a SAS 70 audit could be tailored specifically for your company, contact Torpey White, CPA, CISA at twhite@grgrp.com or 215-881-8147.

 

  

Business Toolbox
The Business Toolbox gives you access to financial calculators, tax calendars, a collection of useful articles, and much, much more.

Subscribe to our Newsletters

Click here to subscribe to our industry-specific publications.

Torpey White Part of IIA GTAG 9 Writing Team

Torpey White was part of the team of authors for “Global Technology Audit Guide (GTAG) 9 - Identity and Access Management,”a white paper published by the Institute of Internal Auditors.  This GTAG and the others in the series, provides authoritative guidance to auditors globally and serves as a reference to Chief Executive Auditors for planning, conducting and reporting on the high-risk audit areas in their Information Technology environment.

To read a description and see a PDF of the paper, click on this link.