SAS 70

Download free SAS 70 (Statement on Auditing Standards no 70) for Data Center Physical Security Checklist. This checklist could be used to assess whether your Data Center already have enough security level against threat. This checklist cover access control

This SAS 70 (Statement on Auditing Standards no 70) Compliance Procedure could be used to help you and your company complying against Statement of Auditing Standards. This step by step procedure covering SAS 70 Type I or Type II Field work. For example covering Initial discussion between service auditor and service organization for the purposes of understanding the scope, timing and final deliverables of the audit.

Every company that process their financial related transcations to third party must comply to SAS 70. For example if YOUR company outsource the payroll processing to third party company e.g ABC company, then the ABC company should comply to SAS 70 in order to get an assurance of the payroll processing process.

Definition
SAS 70 is an acronym for Statement on Auditing Standard 70; it was developed and is maintained by the AICPA (American Institute of Certified Public Accountants). Specifically, SAS 70 is a "Report on the Processing of Transactions by Service Organizations" where professional standards are set up for a service auditor that audits and assesses internal controls of a service organization.

The SAS 70 Compliance also needed Sarbanes Oxley section 404 ITGC area

Download here for sample SAS 70 Audit Checklist