Iasta Achieves SAS 70 Type II Certification

Share Article

Recognition enhances the company's position as a premier SaaS eSourcing solution.

Iasta successfully completed a SAS 70 Type II audit of the general computer controls supporting its SmartSource suite of applications. The audit was performed by a nationally recognized, independent auditing firm who performed a rigorous examination and extensive testing before issuing an unqualified opinion on SmartSource in the following areas:

•Computer Operations
•Information Security
•Application Change Control
•Data Communications

The Statement on Auditing Standards (SAS) No. 70, Service Organizations, developed by the American Institute of Certified Public Accountants (AICPA), is an in-depth audit of a service organization's control objectives and activities, including controls over information technology and related processes. Application service providers (ASPs) as well as Software-as-a-Service (SaaS) providers must demonstrate that they have adequate controls and safeguards in place when hosting or processing customer data. Iasta achieved Type II certification, which is an extension of Type I that requires detailed testing of controls over an extended audit time period.

Iasta CFO, Todd Epple said, "As eSourcing tools and the data they collect and manage play an increasingly dominant role in corporate procurement processes, companies are requiring a higher degree of security from their eSourcing solutions. The SAS 70 Type II Certification provides third-party, audited evidence that companies can choose SmartSource SRM knowing that Iasta has policies, procedures, and safeguards in place to protect their data."

Iasta recognizes that Sarbanes-Oxley legislation has placed an increased focus on the internal controls of valued business partners. The SAS 70 audit report is designed to provide clients with a certain level of assurance regarding the controls that are maintained by Iasta management. The SAS 70 report addresses all five components of internal control outlined in the Sarbanes-Oxley legislation, namely the control environment, risk assessment activities, control activities, information and communication systems, and monitoring activities. The structure of our report is intuitive and is designed to be incorporated with our clients' Sarbanes-Oxley compliance programs.

About Iasta
Iasta is one of the world's leading providers of Supplier Relationship Management (SRM) technology and services. Founded in 2000, Iasta helps organizations blend technology and best practice sourcing methodologies to optimize decisions within real-world business factors. They offer sourcing professionals around the world free access to extensive best practice content through their blog (http://www.eSourcingForum.com), wiki (http://www.eSourcingWiki.com), and the eSourcing Handbook, a modern guide to spend management success. Iasta's software, services, and resources enable companies to select the right processes and tools to improve decision making. For more information on Iasta, see http://www.iasta.com, or call +1-317-594-8600.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Email >
Visit website