is an old statement getting a new life, thanks to Section 404." Prior to 404, clients didn't request SAS 70
Plan auditors will increasingly request plan sponsors to obtain SAS 70
from their plan recordkeepers.
But the SAS 70
issue is not so easy to resolve, notes Edmonds, who says another service provider also sent Dow an SAS 70
report for 2003 last July, saying that "we would not get the SAS 70
for 2004 until mid-2005.
Selecting an ASP that is proactive about risk management and has engaged in an SAS 70
audit can offer many benefits, including reduced audit costs, reduced time spent auditing the ASP, assurance over your AS P's internal controls and improved customer service from the ASP.
After three years' work, SAS 44 is being replaced by SAS 70
Reports on the Processing of Transactions by Service Organizations.
Verizon Communications Inc (NYSE:VZ) (NASDAQ:VZ), a provider of broadband and other wireless and wireline communications services, reported today that it has successfully completed the annual SAS 70
Type II examination of its cloud computing data centres.
allows for the auditor of a third-party service provider ("service auditor") to issue one of two different internal control reports, commonly called "Type I" and "Type II" reports.
"SendThisFile also complies with HIPAA, SAS 70
Type II, SSAE16, PCI DSS, and FIPS 140-2.
Phoenix NAP is a PCI DSS validated services provider and a SAS 70
Type I certified facility.
Phoenix NAP is a SAS 70
Type II certified facility and PCI DSS Validated Service Provider.
The company said it selected a 224,000ft sq, SAS 70
Type II compliant data and technology facility in Denver to support its work in managing electronic evidence, in-house e-discovery technology and data storage for its corporate legal department and law firm clients.
The 19 year-old firm currently owns and operates three data centers in MD, including one of the world's few certified SAS 70
Type II, TIA-942 Tier IV data centers.