Skip to content
BOL Conferences
Learn More - Click Here!

Forums · Active Threads · Forum Rules · Mark All Read · Log In
BankersOnline.com Forums Banker Forums Operations Compliance SAS 70
Thread Options
#1824697 - 06/18/13 06:29 PM SAS 70
Compliance101 Offline
Gold Star
Compliance101
Joined: Oct 2004
Posts: 473
Tennessee
What type of company required to have a SAS 70? Does it matter if it is publicly traded or privately owned?
_________________________
"No one can make you feel inferior without your consent."
Eleanor Roosevelt

Return to Top
Operations Compliance
#1824717 - 06/18/13 06:50 PM Re: SAS 70 Compliance101
rlcarey Offline
10K Club
rlcarey
Joined: Jul 2001
Posts: 83,393
Galveston, TX
There is much on the internet regarding SAS 70 or the SSAE 16 as it is known today. For example:

http://sas70.com/sas70_overview.html
_________________________
The opinions expressed here should not be construed to be those of my employer: PPDocs.com

Return to Top
#1824900 - 06/19/13 12:18 PM Re: SAS 70 Compliance101
edAudit Offline
Power Poster
edAudit
Joined: Jul 2008
Posts: 4,796
You are here
The SSAE 16 has replaced the SAS 70 as the new "standard" since 2011.

http://blog.thehigheredcio.com/2011/09/02/ssae-16-replaces-sas70/

shows the differences
_________________________
Opinions can be considered as coming from anywhere but my employer.

CAMS


Return to Top
#1825141 - 06/19/13 05:39 PM Re: SAS 70 Compliance101
Compliance101 Offline
Gold Star
Compliance101
Joined: Oct 2004
Posts: 473
Tennessee
Is this something we are required to obtain from ALL vendors?
_________________________
"No one can make you feel inferior without your consent."
Eleanor Roosevelt

Return to Top
#1825146 - 06/19/13 05:42 PM Re: SAS 70 Compliance101
ahkcompliance Offline
Diamond Poster
Joined: Sep 2008
Posts: 2,474
Midwest
We obtain it for all criticla vendors (core processor, technology vendors, etc).

Return to Top
#1825169 - 06/19/13 06:20 PM Re: SAS 70 Compliance101
Midnight Offline
Member
Midnight
Joined: Jun 2008
Posts: 69
Upper Mid West
I would look for a SSAE 16 from vendors that store your customer data at their data center site. Examples: Core processing vendor if you have an outsourced relationship. Online banking vendor, website vendor, or any vendor storing your customer or confidential data on their servers at their data center.

Return to Top
#1825578 - 06/20/13 03:50 PM Re: SAS 70 Compliance101
biz Offline
Diamond Poster
Joined: Nov 2005
Posts: 1,032
Midwest
You might also request reports from your regulator as they have sometimes completed audits on the "big boys" in the game ie: your data center.

Return to Top

Moderator:  Andy_Z, John Burnett