The SAS-70 Auditing Standard
SAS-70 Compliance and Certification
SAS-70 is an Auditing Standard specifically intended for service organizations, to enable transparent reporting and understanding of the capabilities and service level agreements that can be offered by Data Service Providers.
Having this certification means an organization has been officially audited, and has clearly defined control policies and objectives. A SAS-70 Certified organization or facility will apply the guidelines and requirements most stringently in order to safeguard data they are storing or processing on behalf or their customers or other service providers.
Only organizations who operate systems compliant with SAS-70 and holding official SAS-70 certifications should be used to store confidential or mission-critical data and applications. SAS-70 gives a level of assurance and some amount of guarantee as regards the Confidentiality, Availability and Integrity of digital information held off-site or in data-warehousing facilities.
The SAS-70 Auditing Standard was developed by the American Institute of Certified Public Accountants (AICPA), and has its own website: