Information, Articles, Tools, and Useful LinksCommittee Listings, Member Forums, and Find a CITPInformation on AICPA Tech. Conference, Seminars, Webcasts, and ConferencesIT Section Membership Information, CITP Credential Information, Members Only Tools and Communications, and MorePublications, CPE, Conferences, and Webcasts
 
Search
 

Search Options

Printer Friendly View

Infotech Home > Resources > System Security & Reliability > System Reliability > Principles of a Reliable System > SAS No. 70, SysTrust & WebTrust: A Comparison
SAS No. 70, SysTrust & WebTrust: A Comparison

It is important to understand the differences between SAS No. 70 reports and Trust Services (SysTrust and WebTrust) reports. Some purchases of services have acquired a SAS No. 70 report because it was the only reporting framework available relating to internal controls. In many cases, where the goal is a marketing document to persuade current and potential customers, investors and others on the reliability of an entity's system, SysTrust would be a preferable framework since SysTrust (and WebTrust) result in unrestricted reports where SAS No. 70 reports are restricted. In addition, if the report needs to speak to the issues of business continuity and disaster recovery, a SysTrust/WebTrust engagement would be preferred as SAS No. 70 reports are not able to deal with those issues. It is important to identify the needs of the entity in order to identify and then provide the service that best meets their needs.  A brochure that highlights the differences between a SAS No. 70 and SysTrust and WebTrust reports is available here for your use.

Download the SAS No. 70 Brochure

Copyright © 2007 by the American Institute of Certified Public Accountants, Inc., New York, NY.