UHY LLP is a full service accounting firm that has deep industry knowledge and extensive experience in providing Statement on Auditing Standards (SAS) 70 audits and related services nationally and in selected international markets. Our team will work with you to gain a thorough understanding of your business operations and related risks. We will deploy an effective and efficient testing approach to the controls identified by your organization that are performed on behalf of your customers.
UHY LLP is the ideal resource to provide a comprehensive and in-depth audit of your organization’s control environment, specifically, information technology controls and related processes. Our experience extends to a wide range of industries from medical claims processing to data centers and more.
Our Credentials
People are our most important resource. We have a wealth of exceptional people to serve our clients. Our partners have an average of 25 years of experience in their specialties and “Big 4” training. The majority of our practitioners hold professional designations such as certified public accountant (CPA), certified information systems auditor (CISA), certified information systems security professional (CISSP), certified information security manager (CISM), certified internal auditor (CIA) and certified in the governance of enterprise IT (CGEIT). UHY LLP is committed to hiring and training the best professionals to respond to the needs of our clients.
Our Service
Do you want someone who understands your business and provides quality service? At UHY LLP, we have partner and manager involvement throughout the SAS 70 review process to maintain a high standard of quality through every step of the engagement life cycle along with a competitive pricing model.
Our professionals have vast experience in providing SAS 70 audit services, including:
SAS 70 Readiness Assessments
UHY LLP professionals will use their knowledge of your industry to assess your readiness to undergo a SAS 70 Type I or Type II audit. We will meet with your key personnel to gain a thorough understanding of your current controls and identify potential gaps that may need to be addressed before you are prepared to undergo a SAS 70 Type I or Type II audit.
SAS 70 Type I Audits
UHY LLP will express an opinion about whether the design of control activities put in place by your organization effectively meet the control objectives and will determine when the controls became operational. SAS 70 Type I audits will address the following:
- Reports on controls placed in operation (as of a point in time)
- Looks at the design of controls but does not include tests of operating effectiveness
- Considered for informational purposes only
- Low or minimal reliance by user auditors is placed on a SAS 70 Type I report
SAS 70 Type II Audits
Similar to a Type I audit, UHY LLP will also express an opinion regarding the design of your organization’s control activities. In addition, UHY LLP will perform control testing to validate that the controls were in place and operating effectively over the audit period, which is typically six to twelve months. A typical SAS 70 Type II audit entails the following:
- Reports on controls placed in operation (as of a point in time) and includes tests of operating effectiveness (for a period of time, generally not less than 6 months)
- More comprehensive than a Type I audit
- Requires more internal and external effort
- Identifies instances of non-compliance
Enter your information below to have a SAS 70 audit specialist contact you.