Successfully Completed ISAE 3402 Report Type 2
In our blog post last November we already talked about our ISO27001 certification and our ISAE 3402 Report Type 1. I am happy to announce that we successfully completed the ISAE 3402 Report Type 2 in January 2021.
About ISAE
Even though not mentioned explicitly in the Rundschreiben 2018/3 circular, lots of FINMA regulated companies requires a ISAE 3402 Report Type 2 from their suppliers. This report provides substantial added value, ensuring conformity to current regulations.
In Switzerland there are the two FINMA circulars: Rundschreiben 2008/21 and Rundschreiben 2018/3, the latter regulating outsourcing rules for companies in the financial sector.
As mentioned before, we completed the ISAE 3402 Report Type 1 in June 2020, which assesses the suitability, design, and implementation of controls. During January 2021 we completed the ISAE 3402 Report Type 2 for the year 2020. This report additionally evaluates the effectiveness of the controls during the test period, that is, their definition and concrete implementation.
Our ISAE 3402 Report Type 2 was audited by ERM Solution AG.
More Information
If your company requires a yearly ISAE 3402 report for audit or revision, please contact our sales and marketing team. We remain at your service for any enquiry; contact us if you need more information.
Daniel Hauswirth
Daniel Hauswirth is CISO and DevOps Engineer in VSHN. He holds a BSc Hochschule Luzern/FHZ in Computer Science, and is working towards his MAS in Information and Cyber Security at HSLU.