What is SAS 70 Type II ?
What is SAS 70 Type II ?

SAS 70 Type II is the most widely recognized professional auditing standard. Developed by AICPA (American Institute of Certified Public Accountants), SAS 70 represents the professional guidelines that CPAs (certified public accountants) must follow when conducting audits. SAS 70 Type II compliance signifies the most stringent form of professional examination. An audit based on this level of compliance certifies that a hosting provider has had its control objectives and activities examined by a qualified independent accounting and auditing firm. SAS 70 Type II adherence demonstrates that a provider maintains adequate processes and safeguards when it hosts or processes customer data. An SAS 70 Type II audit is a major undertaking for any hosting provider, which has much to gain or lose depending on the audit’s outcome. Key areas of analysis include:

  • Computer and network operations
  • Network security
  • Business physical security
  • Datacenter physical security
  • Business-environment security
  • Datacenter-environment security
  • Logical security
  • Business continuity and disaster-recovery planning
  • Change management for applications and solutions
  • Executive and senior management
  • Decision-making processes
  • Human resources
Want to know how to maximize your reach with your content?
I'm interested in:
Join IOD

IOD is a content creation and research company working with some of the top names in IT.

Our philosophy is experts are not writers and writers are not experts, so we pair tech experts with experienced editors to produce high quality, deeply technical content.

The author of this post is one of our top experts. You can be too! Join us.

Join Us

Tech blogger? Why not get paid for your research and writing? Learn how.

The IOD website uses cookies. By clicking, you confirm acceptance of our cookie policy.
Please select one of the following:
Full Name
Job Title
What's your area of expertise?