- Outsourcing is a growing trend and companies increasingly depend on third-party providers to deliver critical services.
- Companies that even ten years ago may have only used one or two major third-party service providers today often depend on many providers to deliver any number of services, including:
- Information technology
- Finance and accounting
- Customer care
- Human resource and benefits management
- Payments and administration
Consequently, outsourcing companies are looking for third-party assurance to provide their clients with comfort about their internal control environment.
The SAS 70 remains the most widely employed approach to demonstrate third-party assurance, providing coverage to users of outsourced services.
SAS 70 reporting, in coordination with your internal control assessment activities, can help:
- Identify your company's most business-critical, process-based relationships.
- Pinpoint existing internal and outsourcing organisation gaps in processes and controls that may increase risk.
- Enhance existing activities with a more encompassing framework for internal controls: one that achieves compliance with Sarbanes-Oxley financial reporting control requirements and helps improve internal risk management and business partner performance.
Our SAS 70 services can bring an organisation value through improved third-party risk management and performance, and include:
- Determining the spectrum of required SAS 70 coverage required.
- Executing SAS 70 reports for outsourcers and service providers.
- Expanding the scope of SAS 70 reporting based on assessment of the spectrum required and value to be delivered.