Certification of your services can contribute considerably to the trust in your services. Deloitte can provide you with certification through a SAS70 / third party memorandum on internal processes.

For example: An organization has outsourced (all or part of) its process to you, for example back office handling of stock transactions at a bank or automated data processing. Your client and his accountant will want security about the quality of your management of these processes. They will also want to know whether your IT environment is reliable and safe.

As an impartial, independent and expert party Deloitte can set up an investigation into your internal controls. Several approaches are available, such as the Statement on Auditing Standards No. 70 (SAS70, AICPA) and the third party memorandum approach (TPM). SAS70 and TPM investigations include the following activities:

1. Formulating a code and assessing reach (SOLL position)
2. Making an inventory of the set-up of measures of internal controls and security (IST situation)
3. Analyzing the differences between the current situation and the code (IST versus SOLL)
4. Reconstruction period (if necessary)
5. Testing of adequate functioning of measures (attestation)
6. Reporting

The investigation is based on a previously developed code. This code is established in close cooperation with all involved parties, including your client.