View CartView Cart
QuestionsContact Us

Services



We are a team of professionals providing consulting services to companies across variety of industries managing, coordinating and executing control assurance efforts, assessing application security, mitigating deficiencies, streamlining compliance efforts through efficiencies, evaluating risks and providing solutions that bring value.

Below is a brief overview of our core services.

Please contact us to set up an appointment with one of our associates to discuss your needs.

Services

SAS 70 (Statement on Standards for Attestation Engagements (SSAE) 16 and International Standard on Assurance Engagements (ISAE) 3402) and Related Control Services

We offer assistance in managing the execution and delivery of the SAS 70 reports intended for use by management of the service organization, its current user organizations, and the independent auditors of such user organizations, including:
  • Coordination of the SAS 70 readiness assessments and the execution of the SAS 70 related procedures.
  • Evaluation of business process and technology controls within the context of SAS 70 reports to provide a clear picture of the control environment.
  • Assisting management by drafting the description of controls (creating the SAS 70 report narratives and control matrices).
  • Mapping the control activities to the respective control objectives.
  • Execution of the SAS 70 testing procedures (description of controls placed in operation, executing and documenting tests of operating effectiveness and the results of such tests).
  • Performing gap assessments and identifying alternatives for management to consider to remediate the control gaps.
  • Assisting management by identifying relevant user control considerations.
  • Quality control and review and the delivery of the final report.
Type II SAS 70 Report Reviews
In addition, we perform SAS 70 report reviews to help companies ascertain the reliability and the integrity of the processing environment at their service organization(s), specifically:
  • Assess significance of internal controls at the service organization to the entity’s internal control and the relevance to the audit.
  • Determine whether the SAR (Service Auditors' Report) is satisfactory for organizations' audit purposes and sufficient to meet their audit objectives.
  • Review test procedures and conclusions on operating effectiveness of the controls at the service organization over a specific period of time to gain assurance that service organization provides adequate protection surrounding the processing of company’s data.
  • Assess audit implications of any deficiencies reported in the SAR and their effect on the audit and the entity’s internal control.
  • Determine whether there is a need to obtain additional audit evidence about the operating effectiveness of controls at the service organization.