About SAS 70 Type II Certification

The Statement on Auditing Standards (SAS) No. 70 is a widely recognized auditing standard developed by the American Institute of Certified Public Accounts (AICPA) for the assessment of service organizations. Professionals who have experience in accounting, auditing and information security perform the audit.

The Statement on Auditing Standards (SAS) No. 70 is a widely recognized auditing standard developed by the American Institute of Certified Public Accounts (AICPA) for the assessment of service organizations. Professionals who have experience in accounting, auditing and information security perform the audit.

The SAS 70 audit is an intensive process, requiring months of preparation. DriveSavers undergoes both Type I and Type II SAS 70 Audit Reports on an annual basis. DriveSavers pursued the SAS 70 audit voluntarily to verify the following for our customers:

  • The integrity of our data recovery facilities and data hosting solutions
  • The security of our IT assets
  • Our compliance with the Sarbanes-Oxley (SOX) Act of 2002 and other data privacy and data security compliance regulations
  • Our overall IT compliance.

Annual SAS 70 Type II Audit Reports signify the most stringent form of professional examination. The security control objectives established for our Audit Reports are designed to satisfy the stringent security requirements and audits mandated by the corporate clients and government agencies we serve.

The following areas were examined, tested, and certified by Goetsch Associates:

  • Control environment
  • Computer and network operations
  • Data communications
  • Network security
  • Information security
  • Physical security
  • Business-environment security
  • Logical security
  • Business continuity and disaster-recovery planning
  • Change management for applications and solutions
  • Executive and senior management
  • Decision-making processes
  • Human resources

Annual SAS 70 Type II Audit Reports verify our qualification to handle enterprise-class recoveries, and support those customers who must maintain compliance with data privacy and data security regulations such as:

  • NIST (National Institute of Standards & Technology) SP 800.34 (Rev.1)
  • HIPAA (Health Insurance Portability and Accountability Act)
  • SOX (Sarbanes-Oxley Act of 2002)
  • GLBA (Gramm-Leach-Bliley Act of 1999)


DriveSavers is the only data recovery service provider in the industry today that undergoes annual SAS 70 Type II Audit Reports. View Audit Report

Click Here for Proof

Click Here for Proof