SOX News

Kaplan Financial Compliance Achieves SAS 70 Type II Certification

(May 20, 2008)-- Kaplan Financial Compliance announced that it has received its Statement on Auditing Standards (SAS) No. 70 Type II certification. Developed by the American Institute of Certified Public Accountants (AICPA), SAS 70 is recognized throughout the industry because it represents that a service organization or provider has demonstrated that they have adequate controls and safeguards when they host or process data belonging to their customers.

SAS 70 audit reports are critical to companies who use web-based software applications (also known as SaaS) and are involved in exchanging confidential data. The SAS 70 Audit Report documents and attests to the adequacy and completeness of the SaaS vendor's internal controls for protecting data. Most businesses begin with a SAS 70 Type 1 audit, which assesses whether the SaaS partner's internal controls are fairly and completely described and whether they have been adequately designed to meet set objectives. SAS 70 Type II audits go a step further to test those controls in operation.

"Kaplan Financial Compliance is proud to achieve SAS 70 Type II certification, a more intensive certification process than Type I," said Phil Dayalu, Director of Information Technology for Kaplan Financial Compliance. "Type II is especially important because it gives our customers assurance that their data is secure, the necessary controls are in place and that these controls are functioning properly. Since the steps to complete Type II certification include actual testing, we have eliminated the need for our customers to do their own audits of our systems, saving them significant time and resources."

According to Karen Pauli, Senior Analyst at TowerGroup, "Over the past 18 months there have been several significant and highly publicized thefts of data from major organizations that did not appear to have placed the security of their customer's personal information at the forefront of their corporate concerns. Customers expect their personal data to be protected. Organizations demonstrating that they have taken the strongest measures possible to protect personal information will be the customer's choice to do business with."

With technology driving a global financial community, it's crucial that companies have the peace of mind that their data is fully protected and being managed in a way that complies with all industry standards. This is at the core of the SAS 70 certification. Even if a company is not subject to Sarbanes-Oxley regulations, they still will find the SAS 70 audit report valuable, since it details exactly how their data is being protected.

"At Kaplan Financial Compliance, we will continue to take all steps necessary to maintain our leadership role in the industry and ensure that our customers feel confident in our ability to help them grow as the industry changes," said Zach McCoy, Vice President, Sales and Marketing. "Obtaining a SAS 70 Type II certification demonstrates that commitment."

Share or bookmarklet this web page at: