SAS 70

Retirement Alliance is proud to have received an unqualified (“clean”) opinion on our 2010 Statement on Auditing Standards No. 70 (SAS 70) Type 2 report of our defined contribution plan recordkeeping operations.

That means our controls were properly designed, in place, and operating effectively during the period November 1, 2009 through October 31, 2010. The SAS 70 examination was performed by Berry, Dunn, McNeil & Parker, CPAs headquartered in Portland, Maine. 

For more information and a copy of our most recent SAS 70 report, please This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

About SAS 70 Reports

A Service Auditor's Report with an unqualified opinion that is issued by an Independent Accounting Firm differentiates the service organization from its peers by demonstrating the establishment of effectively designed control objectives and control activities. A Service Auditor's Report also helps a service organization build trust with its user organizations (i.e., customers).

A Service Auditor's Report ensures that all user organizations and their auditors have access to the same information and in many cases this will satisfy the user auditor's requirements.  A Type II service auditor's report will also allow the user organizations and the user auditors to possibly place reliance on the controls at the service organization.  This can be a significant component to the user auditor's control evaluations and the user organization's own assessments of internal control over financial reporting.

SAS 70 engagements are generally performed by audit, risk, and control oriented professionals who have experience in accounting, auditing, and information security. A SAS 70 engagement allows a service organization to have its control policies and procedures evaluated and tested (in the case of a Type II engagement) by an independent party. Very often this process results in the identification of opportunities for improvements in many operational areas.

SAS 70 reports (Service Auditor's Reports) are generally divided into three or four sections depending on the type of engagement performed. There are two types of Service Auditor's Reports: Type I and Type II.

A Type I report describes the service organization's description of controls at a specific point in time (e.g. June 30, 2000). A Type II report not only includes the service organization's description of controls, but also includes detailed testing of the service organization's controls over a minimum six month period (e.g. January 1, 2000 to June 30, 2000). The contents of each type of report is described in the following table:

Source: SAS70.com