SAS70 Type II Compliance

Zak's strict data destruction practices meet stringent SAS 70 Type II requirements.


The Statement on Auditing Standards (SAS) No. 70, for Service Organizations, developed by the American Institute of Certified Public Accountants (AICPA), is a widely recognized audit standard. SAS 70 Type II compliance is often related to Sarbanes-Oxley requirements.

The independent SAS 70 auditor produces two kinds of "Service Auditors Reports": Type I and Type II. Type I reports describe the organization's controls at a specific point in time (for example, January 1, 2010). Type II, a more thorough and comprehensive audit, includes the organization's description of controls as well as a detailed testing of controls over a minimum six-month period. Zak's certificate of destruction and thorough documented process provides a good audit foundation for SAS70 Type II requirements.

Gramm-Leach-Bliley Act of 1999

Zak's SAS 70 Type II compliant data security helps to address GLBA requirements.