SAS 70 and Sarbanes-Oxley Act of 2002
With the introduction of the Sarbanes–Oxley Act of 2002 (SOX), SAS 70 took on increased importance. SOX adopted the COSO model of controls, which is the same model that SAS 70 audits have used since inception. SOX heightened the focus placed on understanding the controls over financial reporting and identified a Type II SAS 70 report as the only acceptable method for a third party to assure a service organization's controls. Security "certifications" are excluded as acceptable substitutes for a Type II SAS 70 audit report. PCAOB's Audit Standard No. 5 (which replaced AS 2) details how a SAS 70 audit should be used in relation to SOX.
Read more about this topic: Statement On Auditing Standards No. 70: Service Organizations
Famous quotes containing the word act:
“Courage charms us, because it indicates that a man loves an idea better than all things in the world, that he is thinking neither of his bed, nor his dinner, nor his money, but will venture all to put in act the invisible thought of his mind.”
—Ralph Waldo Emerson (1803–1882)