Out With SAS 70 – In With SSAE 16: Are You Ready?
There are significant changes for CPAs who audit the financial statements of companies that utilize service organizations. SAS No. 70 has been split into two new standards:
- SSAE no. 16, Reporting on Controls at a Service Organization which governs the reporting on controls
- The requirements for auditing financial statements of companies will be contained in a newly minted SAS: Audit Considerations Relating to an Entity Using a Service Organization
The replacement of SAS No. 70 will impact many accounting, finance, and other related professionals. The Knowledge Group is producing a 2-hour LIVE webcast to review the fundamentals and provide updates for SAS 70 transformation. A panel of speaker experts will examine the most significant issues regarding the transition to the new regulations.
Click the “Register” button below to sign up for this webcast today. Advanced registration is recommended as space is limited. Significant discounts apply for early registration.
— Standard history, background, re-codification explanation, etc.
— Effective date
— Early adoption, including expectations on this topic
— Auditing vs. attestation standards
— Changes to opinion letter
— Management's Assertion - What's expected; Common types of activities; What's OK vs. Not OK
— Risks that threaten the achievement of the control objectives; What this means; What needs to be done
— Written representations
— Suitability of criteria
— Use and requirements for subservice organizations
— Carve-out vs. inclusive method
— Use of work by internal audit function
— Aligning with international standards
What’s staying the same?
ISAE 3402 & International Equivalent Standards
— ISAE 3402 and SSAE 16 as well as other international standards being developed
— Dual reports / combined reports
Alternative Reporting Methods
— Reporting on Non-ICFR aspects
— AT 101 framework
— AT 101, 201, 601, SysTrust & WebTrust (High Level)
— Transition planning (i.e., the major steps that need to be considered now for any company that has to transition from a SAS 70 audit to an SSAE 16 assessment)
Who Should Attend:
- Audit Committee
- Compliance Officers
Chris Schellman is the president and founder of SAS 70 Solutions, Inc., one of the largest providers of SAS 70 and SSAE 16 services in the United States. Having led over 600 SAS 70 audits, Chris is one of the most experienced service auditors in the world and currently spends a significant amount of time educating others on the topic. Chris is a former “Big 4” executive and maintains the designations of CPA, CISSP, CISA, CIA and PCI-QSA. He currently resides in Tampa, Florida, with his wife and four children.
Chris Schellman is the president and founder of SAS 70 Solutions, Inc., one of the largest providers of SAS 70 …
Chris Kradjan is the National Leader for the SAS 70 and Technology Practices for Moss Adams. He has been with Moss Adams since 1994, and has been auditing and consulting since 1992. Chris works routinely with private and public sector clients, and has been involved with SAS 70 audits for a wide range of complex technology-based service organizations. His practice areas include SAS 70 auditing, internal controls reviews, Sarbanes-Oxley compliance services, SysTrust/WebTrust audits, and independent technology assessments. Furthermore, Chris is regularly involved with technology and financial controls assessments based on the COBIT, ITIL, ISO and COSO frameworks. He is responsible for quality assurance involving SAS 70 audits performed by Moss Adams. In addition, Chris has developed and continues to maintain oversight of the firm’s SAS 70 audit and technology review compliance practices, and is leading the firm’s effort to transition from SAS 70 to SSAE 16. He holds a Bachelor of Arts in Business Administration from Western Washington University, is a Certified Public Accountant (CPA) licensed to practice in a various states, and is a member of the Information Systems Audit and Control Association (ISACA).
Chris Kradjan is the National Leader for the SAS 70 and Technology Practices for Moss Adams. He has been with …
Suzanne is the National SAS 70 Risk Leader for Deloitte & Touche LLP and has more than 21 years of experience in both Boston and London. In her role, Suzanne focuses on quality assurance and risk management issues for SAS 70 and SSAE 16/ISAE 3402 engagements, both in the United States and globally. She led the effort to develop Deloitte & Touche LLP’s SAS 70 policies, guidance and global training and has a current focus on the new SSAE 16 and ISAE 3402 standards. Suzanne was also a member of the ASB’s Service Organizations Task Force, which developed SSAE 16, and is currently on the ASB’s Task Force relating to the forthcoming SSAE 16 practitioner audit guide.
Suzanne is the National SAS 70 Risk Leader for Deloitte & Touche LLP and has more than 21 years of …
Judith M. Sherinsky, CPA is a technical manager in the AICPA's Audit and Attest Standards Group. In addition to drafting audit and attestation standards with task forces of the Auditing Standards Board, she also develops engagements that are applications of the attestation standards to subject matter other than financial statements, for example, XBRL, SEC rules related to investment companies and advisers, and internal control over derivatives for insurance companies. She has staffed the Service Organizations Task Force since coming to the AICPA 20 years ago and is currently working on a new guide to help CPAs implement SSAE no. 16. Prior to joining the AICPA, she was an auditor with Mendelsohn Kary Bell & Natoli in NYC and prior to that an elementary school teacher.
Judith M. Sherinsky, CPA is a technical manager in the AICPA's Audit and Attest Standards Group. In addition to drafting …
Print and review course materials
Method of Presentation:
On-demand Webcast (CLE)
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About SAS 70 Solutions, Inc.
SAS 70 Solutions, Inc. is a leading provider of assurance and compliance services. Our company delivers SAS 70 audit, PCI validation, and security assessment services to hundreds of clients in locations throughout the world. By using experienced professionals with certified expertise along with integrated service delivery methods, SAS 70 Solutions provides clients with the ability meet multiple compliance objectives through a single service provider.
About SAS 70 Solutions, Inc.
About Moss Adams LLP
About Deloitte & Touche LLP