SAS 70 Controls Management
Financial services firms. Business process outsourcers. Managed services providers.
Independent software vendors. Since the passage of the Sarbanes-Oxley Act, providers
of external services face new compliance requirements from their customers. Increasingly,
these customers demand that their service providers demonstrate control of their
business and IT operations with a SAS 70 attestation.
Avoid the SAS 70 Fire Drill
For many companies, preparation for their annual (or semi-annual) SAS 70 audit is
a high-cost, high-risk, and highly disruptive exercise. It means a frantic search
through a combination of paper files, production systems, spreadsheets, and e-mails
to gather the documentation that their auditors require. Your SAS 70 doesn't have
to work this way.
Automating Controls Management
ProcessUnity automates the development, documentation and maintenance
of the controls you need for a successful SAS 70.
- Design both the business and information technology controls your auditors and customers
expect
- Assign ownership and responsibility for each control
- Facilitate review, approval and activation of your controls
- Manage and store necessary supporting documentation
- Define and schedule your own control tests or leave testing to the auditors
- Launch and track corrective actions when necessary
- Accept, track, and fulfill document requests from the audit team
- Automatically report changes to controls since the last audit
- Give auditors direct web access to the information they need
- Produce a draft Section 3 SAS 70 Report
|
|