Is it the SDS Team's intention to have a service auditor perform an AICPA Statement on Auditing Standards No 70, “Report on the Processing of Transactions by Service Organizations”, Type I or (preferably) Type II audit in time that would permit the result of the audit to be available by SDS's RTW?
Here’s part of what MSFT's Microsoft’s Software as a Service (SaaS): An Enterprise Perspective 2006 whitepaper by Gianpaolo Carraro and Fred Chong has to say about SAS 70: "SAS 70 is not a law, but auditing and disclosure standards in various jurisdictions around the world (such as Sarbanes-Oxley in the United States) make up-to-date SAS 70 reports a de facto requirement for any business that provides services to other businesses, and any SaaS provider should consider having one readily available for examination."
Amazon published Amazon Web Services: Overview of Security Processes on 9/5/2008, which contains the following statement regarding SAS 70 audits: "AWS is working with a public accounting firm to ensure continued Sarbanes Oxley (SOX) compliance and attain certifications such as recurring Statement on Auditing Standards No. 70: Service Organizations, Type II (SAS70 Type II) certification. These certifications provide outside affirmation that AWS has established adequate internal controls and that those controls are operating efficiently."