We are experienced with SAS 70 (now SSAE 16) and SysTrust Reports as well.  These are Audit reports for a service provider that state that they have been through an in-depth audit of their control objectives and control activities relating to financial, operational and Information Technology related Processes. A SAS 70 is more general and covers all controls and a Systrust is specific to IT controls. For SAS 70's we can perform either a Type I or Type II report although we always recommend a Type II report as this is the only one that can be relied upon by external auditors. For SysTrust audit we focus on testing and certifying to System Reliability by using the Security, Availability and Processing Integrity Principals.