SAS 70 Type II Certification
It is always reassuring to know that a corporation sets high standards for performance and customer service. It is another thing when a third party organization recognizes those standards. Such is the case for the American Institute of Certified Public Accountants (AICPA), which has awarded CoreVault the SAS 70 Type II Certification.
The widely recognized "SAS 70 Type II Audit" represents that a service organization has had its control objectives and control activities examined by an independent accounting and auditing firm. The examination conducted at CoreVault included not only operational process controls, but also security and information technology. The service auditor's report, which includes the service auditor's opinion, is issued to the organization at the conclusion of an SAS 70 Type II examination.
SAS 70 Type II is generally applicable when an independent auditor is planning the financial statement audit of an entity that obtains services from another organization. A Type II report not only includes the service organization's description of controls, but also includes detailed testing of the service organization's sustained controls over a minimum six-month period.
In today's global economy, service organizations or providers must demonstrate that they have adequate controls and safeguards when hosting or processing data belonging to their customers. Service organizations, therefore, receive significant value from having an SAS 70 Type II engagement performed. A service auditor's report with an Independent Accounting Firm differentiates the service organization from its peers by demonstrating the establishment of effectively designed control objectives and activities. The report assists an organization in building trust with its customers, thereby providing transparent accountability.