BGW Successfully Completes the SAS 70 Audit
BGW has undergone, and passed without exception, an in-depth audit of its activities, including controls over information technology, data management, plan administration procedures and other related processes.
If you would like to know more about BGW's SAS 70, please contact us or call toll free at (888) 551-2800 Ext. 201.
For further information on the SAS 70 itself, auditing procedures and what this means to our clients, please read the following sections.
What is a SAS 70 Audit?
Statement on Auditing Standards (SAS) No. 70, for Service Organizations, is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA).
SAS 70 is the authoritative guidance that allows service organizations to disclose their control activities and processes to their customers and their customers' auditors in a uniform reporting format. A SAS 70 examination signifies that a service organization has had its control objectives and activities examined by an independent accounting and auditing firm.
The SAS 70 audit is widely recognized because it indicates that a service organization has been through an in-depth audit of its control activities, which generally include controls over information technology, administration and related processes. In today's global economy, service organizations, such as BGW, must demonstrate that they have adequate controls and safeguards when it hosts and/or processes data belonging to its customers. In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SAS 70 audit reports even more important to the process of reporting on effective internal controls at service organizations.
Service Auditor's Reports
At the conclusion of a SAS 70 Audit, a formal report containing the Auditor's opinion ("Service Auditor's Report") is issued. One of the most effective ways a Service Organization can communicate information about its controls is through this Service Auditor's Report. There are two types of Service Auditor's Reports: Type I and Type II.
A Type I report describes the service organization's description of controls at a specific point in time. A Type II report not only includes the service organization's description of controls, but also includes detailed testing of the service organization's controls by the Auditor over a minimum six-month period.
In a Type I report, the Service Auditor will express an opinion on whether the service organization's description of its controls presents fairly, in all material respects, the relevant aspects of the service organization's controls that had been placed in operation as of a specific date, and whether the controls were suitably designed to achieve specified control objectives.
In a Type II report, the Service Auditor will express an opinion on the same items noted above in a Type I report, and whether the controls that were tested were operating with sufficient effectiveness to provide reasonable, but not absolute, assurance that the control objectives were achieved during the period specified.
What this Means to our Customers
Not all service providers in our line of business undergo and successfully complete a SAS 70 audit. A customer of BGW however, can be assured of the quality and effectiveness of the data management and administration controls. The customer can also be assured that these controls are monitored and re-audited every 6 months.
Upon request and where appropriate, BGW can provide our SAS 70 report for review and discussion. This provides the client a detailed description of our controls and an independent assessment of how the controls in operation are suitably designed and operating effectively.
For more information BGW and our SAS 70 audit, please contact us or call toll free at