SAS 70 engagements are generally performed by control oriented professionals who have experience in accounting, auditing, and information security.  A SAS 70 engagement allows a service organization to have its control policies and procedures evaluated and tested (in the case of a Type II engagement) by an independent party.  Very often this process results in the identification of opportunities for improvements in many operational areas.

User organizations that obtain a Service Auditor's Report from their service organization(s) receive valuable information regarding the service organization's controls and the effectiveness of those controls.  The user organization receives a detailed description of the service organization's controls and an independent assessment of whether the controls were placed in operation, suitably designed, and operating effectively (in the case of a Type II report).

User organizations should provide a Service Auditor's Report to their auditors.  This will greatly assist the user auditor in planning the audit of the user organization's financial statements.  Without a Service Auditor's Report, the user organization would likely have to incur additional costs in sending their auditors to the service organization to perform their procedures