Report 5970 1870
matrix1 last edited by
How frequently should we ask our third party service provider to provide us with an independent review of security, availability and processing integrity (report Canadian 5970 or SAS 70 for USA)?
jasoncrater last edited by
Our externals require us to review our service organization’s SAS 70s at least once during our fiscal year and absolutely once in the last quarter of our fiscal.
EMM last edited by
It will depend on the period examined within the SAS 70. Overall, there should be enough testing perfomredto cover the controls for the year-end.