In today's global economy, companies must comply with ever-expanding regulations at the international level. Due to various industry regulatory and risk standards, organizations are increasingly required to demonstrate adequate controls and security of their clients' data, which means that a trusted auditor is more important today than ever before.
For our clients, we perform third-party assurance of the services provided or we confirm the setup of their established control procedures. We deliver to our clients the conclusions of the verification of their control procedures or their supplier. We always prepare an assessment of the organisation's environment based on an understanding of its environment, so that conclusions are prepared as efficiently and effectively as possible.
Our third-party assurance services specialists can offer companies services in accordance with applicable professional standards while meeting the requirements of the third-party service client.
SERVICES
ISO
________________________________________
ISO 27001 focuses on the development and maintenance of ISMS (information security management system), which is an overarching method for managing data protection practices. To achieve this standard, you need to conduct a risk assessment, identify, and implement security controls, and periodically review their effectiveness.
ISAE
________________________________________
ISAE 3402 is a third-party assurance mechanism (primarily suppliers) in the form of SOC (Service Organisation Controls).
SOC
________________________________________
SOC refers to assurances of controls that could have an impact on the financial statements.
SOC 2
________________________________________
SOC 2 refers to assurance of IT controls. Five basic criteria are included according to which the control is performed.
SOC 2+
________________________________________
SOC 2+ is an extended assurance of IT controls. It contains 4 added criteria over SOC 2.
SOC 3
________________________________________
It also concerns assurances of IT controls. However, unlike SOC 2, these reports are usually not detailed, and they are rather general. In most cases these reports are freely available to the public.
CONTACT OUR TEAM