|
Banking and Financial Services Retail Healthcare and Insurance Government High Technology and Manufacturing Service Companies Information Request Contact Us |
Service CompaniesCompanies that provide services or act as third party providers for publicly traded companies or regulated financial institutions have additional compliance responsibilities to fulfill. We can help you with these compliance responsibilities, and save you money when the SAS 70 review is performed.Regulated financial institutions must provide reasonable assurances that they monitor the technical service providers they use, in accordance with FFIEC guidance and ensure that all service providers: • Are subject to an annual risk assessment process that identifies the business risks of using the particular service providers for business functions, including Privacy risks, when required.For Sarbanes-Oxley compliance and other compliance requirements, public companies must obtain assurances from their service providers that they have internal controls that are adequate in scope, sufficiently mitigate business risks, and that these controls are in place, functioning and can be relied upon. Typically these assurances are provided to the public company when the service provider has a Type II, SAS 70 (Statement of Auditing Standards) report. FDC Associates can assist service providers by using our "Fast Track" pre-assessment program for internal controls. The "Fast Track" program provides management with an assessment of which of their internal controls are adequate and where they will need additional procedures or documentation of procedures to obtain a "clean" or "unqualified" opinion from the firm that performs the SAS 70 auditing. We specialize in providing high-complexity technology audits, such as:
For more information on how FDC Associates can be Your Partner for IT Audit and Governance Solutions, complete an Information Request or Contact Us. |
|