Skip to main content

ISAE 3402 provides assurance to customers

ISAE 3402 is an assurance standard to report on risk management, the controls and services provided to customers by service organizations.

IT Service providers

A ISAE 3402 | SOC 1 report provides comprehensive insight in security risks and management to customers.

Property management

Property management in accordance with ISAE 3402 provides assurance over financial processes and security


Datacenter compliance, secure for financial institutions and international corporates.

Financial Services

Risk management and effective control over financial processes, in acccordance with legal requirements.
ISAE 3402 vs ISO 27001

Implement ISAE 3402

What is the impact of ISAE 3402? What are the requirements?
For a SOC1-report in accordance with ISAE 3402 relevant controls should be included and auditable. The SOC1 is audited by an external auditor.
All outsourced processes should be in scope, generally this includes the General IT controls and operational processes with an impact on the annual report of your customers
If processes are outsourced by your customers and process have a material impact on the annual report, an ISAE 3402 report will be appropriate. Other organizations under supervision of for example the FSA should be able to demonstrate that outsourced processes are under control.

More information?

Do you want more information on the impact and requirements of ISAE 3402? Please download ISAE 3402 Whitepaper