About SaS70 Wiki

SAS 70 is an acronym for Statement on Auditing Standard 70; it was developed and is maintained by the AICPA (American Institute of Certified Public Accountants). Specifically, SAS70 is a “Report on the Processing of Transactions by Service Organizations.  SAS 70 provides guidance on the factors an independent auditor should consider when auditing the financial statements of an entity that uses a service organization to process certain transactions. It also provides guidance for independent auditors who issue reports on the processing of transactions by a service organization for use by other auditors.

A copy of the Original Pronouncement can be accessed from this page:

Original Pronouncement

or

Download Document

History of SaS70

Statement
Date Issued Title of Statement
SAP No. 29 October 1958 Scope of the Independent Auditor’s Review of Internal Control
SAP No. 41 November 1971 Reports on Internal Control
SAP No. 54 November 1972 The Auditor’s Study and Evaluation of Internal Control
SAS No. 3 December 1974 The Effects of EDP on the Auditor’s Study and Evaluation of Internal Control
SAS No. 44 December 1982 Special-Purpose Reports on Internal Accounting Control at Service Organizations
SAS No. 48 July 1984 The Effects of Computer Processing on the Audit of Financial Statements
SAS No. 55 April 1988 Consideration of Internal Control in a Financial Statement Audit
SAS No. 70 April 1992 Service Organizations
SAS No. 78 December 1995 Consideration of Internal Control in a Financial Statement Audit: An Amendment to Statement on Auditing Standards No. 55
SAS No. 88 December 1999 Service Organizations and Reporting on Consistency
SAS No. 94 May 2001 The Effect of Information Technology on the Auditor’s Consideration of Internal Control in a Financial Statement Audit
PCAOB No.2 March 2004 An Audit of Internal Control over Financial Reporting in Conjunction with an Audit of Financial Statements. Note: Appendix B refers to Service Organizations.

Graph by TopBits