About Us
|
Contact Us
|
External Links
Services
Service Auditor Reporting
Service auditor reports and in particular SAS 70s and AAF reports are becoming increasingly common across a variety of industry sectors for a number of reasons. The increasing need for compliance with legislation like Section 404 of the Sarbanes-Oxley Act of 2002 (SOx) and the Financial Institution and Exchange Law (JSOX) are two of the main factors driving the increased focus on service auditor reports. In addition the importance of technology in all aspects of the commercial supply chain has further increased the focus on third parties and how they manage their operating environments are now regarded as business critical. While service auditor reports were not necessarily meant for this purpose there has been an increasing focus on IT, transaction processing and in particular how security risks are mitigated.
Service auditor reports can, if managed and implemented correctly, provide real value to service providers and also to their associated user organisations in terms of their operations, risk identification, general compliance requirements (such as SOx and JSOX), and leading practice requirements (such as ISO standards, CobiT, and ITIL).
If you are thinking of introducing a SAS 70 or AAF report or have already used other organisations to provide your service auditor reporting requirements we are confident that our experience, pragmatic approach and customised service proposition can provide value to you resuting in helping ensure the mitigation of risk and the resultant cost reduction. We have a unique mix of experience that make us well-suited to help you - whether you are a provider of outsourced services or if third parties are important to your service proposition.
As you would expect we can take you through every step of the process from selection of the service auditor report that is right for you, to completion of the on-going reporting requirement and, from a user perspective, helping to understanding the key meanings behind SAS 70s and AAF reports. Examples of how we can help include:
Readiness Reviews
Readiness reviews can be completed as a “pre-test” for SAS 70/AAF Type I or Type II audits, or as standalone engagements at the early stages of the service auditor reporting lifecycle. Our experience has shown that readiness exercises are a very useful first step in understanding some of the practical issues that may be experienced such as identification of control weaknesses and remediation requirements.
Type I and II service auditor reports
In conjunction with our reporting Joint Venture partners we can produce a service auditor report that meets your specific requirements. We have a variety of costing approaches and aim to always provide real value in terms of each engagement.
For more information contact
infoSAS70@audit-risk-consulting.com