SAS 70 Type I Audit
By Ben Osbrach, National Risk Advisory Leader
There are two types of SAS 70 audits (Type I and Type II). Many organizations are not certain which audit best fits their needs or is required for their companies objectives. The basic fundamental of a SAS 70 Type I audit is an audit report that provides an opinion on the description of the service organizations controls as of a point in time. This snap shot audit provides a description of controls at the service organization that is validated by an independent auditor.
SAS 70 Type I audits are sometimes used as a stepping stone for organizations that have a long term goal of obtaining a SAS 70 Type II audit and other organizations use the SAS 70 Type I audit for marketing strategies. Regardless the use of the report, a SAS 70 Type I audit is a valuable engagement to provide third parties an independent review of your operations.