Santa Clara, Calif., September 6, 2005 OpSource, the SaaS expertssm, announced that it completed a service auditor's review, commonly known as a SAS 70 audit, of the general controls supporting the Optimal On-Demand and Optimal Enterprise services. The audit was completed in July, 2005, and performed by a nationally recognized independent auditing firm that is registered with the Public Company Accounting Oversight Board (PCAOB). The SAS 70 report addresses all five components of internal control outlined in the Sarbanes-Oxley legislation, namely the control environment, risk assessment activities, control activities, information and communication systems and monitoring activities.
"It is an absolute requirement that our SaaS delivery partner has Type II SAS 70 controls in place, because, for certain clients, we are contractually obligated to comply with Type II SAS 70," noted Guy Hilbert, vice president, KANA, a leading provider of Service Resolution Management (SRM) solutions. "Needless to say, we are pleased that OpSource maintains such high standards. A well-run operation with established procedures is of paramount importance to us, as it assures us flawless delivery, audited results and excellent service levels."
OpSource's management understands the ever increasing importance of corporate governance, as well as the impact of its services on the client's system of internal controls. "OpSource's successful completion of this audit demonstrates our commitment to quality and the importance we place on being a trusted service provider," stated Treb Ryan, CEO, OpSource. "Sarbanes-Oxley legislation has placed an increased focus on the internal controls of business partners such as OpSource. The SAS 70 audit report verifies the valuable role that OpSource plays in the control environment of our clients' on-demand software applications. The report provides a certain level of assurance regarding the controls that are maintained by OpSource within our on-demand infrastructure. The structure of the report was very intuitive and will be well-integrated with our clients' Sarbanes-Oxley compliance programs."
The successful completion of the 2005 SAS 70 audit is only part of OpSource's continued commitment to maintaining a high level of internal control. OpSource has engaged its service auditor to a long-term contract whereby OpSource will undergo a Type II SAS 70 audit on an annual basis.
About the SAS 70 Audit Process SAS 70 is an acronym for the American Institute of Certified Public Accountants (AICPA) Statement on Auditing Standard (SAS) No. 70, titled "Reports on the Processing of Transactions by Service Organizations". SAS No. 70 defines the professional standards used by a service auditor to assess the internal controls of a service organization and issue a service auditor's report.
