About Global Shares and SAS 70
Global Shares understands that you need to be able to rely on the work we perform, especially as it relates to financial reporting. In order to provide assurance to our clients and their auditors, a SAS 70 type 2 audit is performed on our stock plan administration operations each year. This report documents not only the controls that we have in place to ensure the accuracy of our processing, it also records the results of a third party audit of the controls over a specified time period.
For US based companies, this report and other documentation that we provide to our administration clients assist in your Sarbanes-Oxley Section 404 compliance. Clients outside the US are administered under the same standards as part of Global Shares' commitment to minimizing risk for our clients.
For more information abut SAS 70 visit www.sas70.com.
What is a SAS 70?
Statement on Auditing Standards (SAS) No. 70, Service Organizations, is a widely recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). A service auditor's examination performed in accordance with SAS No. 70 ("SAS 70 Audit") is widely recognized, because it represents that a service organization has been through an in-depth audit of their control objectives and control activities, which often include controls over information technology and related processes. In today's global economy, service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. In addition, the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SAS 70 audit reports even more important to the process of reporting on the effectiveness of internal control over financial reporting.
Under SAS 70, auditor reports are classified as either Type I or Type II. In a Type I report, the auditor evaluates the efforts of a service organization at the time of audit to prevent accounting inconsistencies, errors and misrepresentation. The auditor also evaluates the likelihood that those efforts will produce the desired future results.
A Type II report includes the same information as that contained in a Type I report; in addition, the auditor attempts to determine the effectiveness of agreed-on controls since their implementation. Type II reports also incorporate data compiled during a specific time period, usually a minimum of six months. |
