Provide confidence with an ISAE 3402 certification

This includes
ISAE 3402 is a global standard used by companies when they outsource their financial information or IT operations to another organization. For example, when a company outsources its financial administration to another service provider or when a financial institution outsources its IT infrastructure to an external provider. With an ISAE 3402 you show that you properly control and protect the (financial) information in outsourced activities.
Why ISAE 3402
- Your customers will increasingly ask for it
- External parties or clients may/demand that your outsourced processes be audited when you cannot demonstrate this with a certificate
- You stand out from your competitors
- You show that your organization complies with legal obligations, such as the AVG, Financial Supervision Act (Wft), Pension Act (PW) and DNB regulations
What to expect from the implementation process
You can compile the control framework of the ISAE 3402 statement yourself. However, this requires knowledge of the standard. In fact, it is common to include a number of components such as:
- Description of the organization and risk management framework
- Control matrix with financial and general IT Controls
- Description of management objectives and associated management measures
- Management objectives aligned with the user organization's financial statements
- Measures to ensure compliance with ISAE 3402 reporting criteria
Implementing the ISAE 3402 statement is quite a challenge. Fortunately, our experts can help you with that. Because of our experience in information security and implementing management systems, we can guide your organization efficiently. Moreover, we partner with all Certifying Bodies (CIs) in the Netherlands. This ensures direct and fast communication to support you even better before, during and after the process. See also our about us page.
Frequently Asked Questions

Why Fendix?
Getting started with ISAE 3402
Want to get started with ISAE 3402? We have several services for you. Such as a GAP analysis for insight into what you need to do prior to your implementation or a guided or de-risking implementation process.
We have already helped these organizations
.png)


Schedule a no-obligation telephone intake today
What to expect.
