archive-nl.com » NL » I » ISAE3402.NL

Total: 336

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

  • is the practical implication of ISAE3402 A pension fund is legally required to demonstrate that outsourced activities are under control The investment manager prepares a Service Organization Control SOC report In the SOC a description of the control framework a management confirmation and an assurance report in compliance with ISAE3402 are included Example A Pension fund outsources the investment management activities Since the pension fund is under supervision of supervisory authorities all activities outsourced should be under control A ISAE3402 report can asist in demonstrating that the outsourced activities are actually in control For the preparation of a SOC different standards exists AAF 01 06 ISAE3402 and SSAE16 US Technically speaking these reports are SOC reports tested by an audit firm under ISAE3402 or another standard The auditor of the pension fund uses the ISAE3402 reporting for the annual financial audit of the pension fund The advantages for the pension fund are control can be demonstrated to the supervisory authorities and the audit process is more efficient since the user auditor is not required anymore to pay onsite visits at the service organization An auditor can issue a ISAE3402 type I and a ISAE3402 type II statement An ISAE3402 Type

    Original URL path: http://www.isae3402.nl/en/what-is-isae3402?language=nl (2014-12-07)
    Open archived version from archive



  • for providing assurance under a specific framework which is not a framework for annual reporting This implies that an engagement conducted under ISAE3402 also is required to be in accordance with the regulations included in ISAE3000 Stichting Corporate Governance Nieuwsbrief Blijf op de hoogte over de laatste ontwikkelingen op het gebied van risk management Vul uw e mailadres in een abonneer op onze gratis nieuwsbrief Versturen Twitter Feed StCorpGov SASconsult

    Original URL path: http://www.isae3402.nl/en/isae3000?language=nl (2014-12-07)
    Open archived version from archive


  • Contact Home ISAE3402 ISAE3402 report Required components ISAE3402 I A description of the control framework II A written assertion by management of the service organization that in all material respects and based on suitable criteria a The description fairly presents the service organization s system as designed and implemented as at the specified date b The controls related to the control objectives stated in the service organization s description of its system were suitably designed Service auditor report The service auditor conveys reasonable assurance about the matters under I and II and includes a descriptions of the tests of controls A service auditor can issue a ISAE3402 type I and an ISAE3402 type II report The most important difference is that an ISAE3402 type I report refers to a specific moment and only provides assurance on the design and existence of controls described An ISAE3402 type II report also provides assurance on the operating effectiveness of controls Stichting Corporate Governance Nieuwsbrief Blijf op de hoogte over de laatste ontwikkelingen op het gebied van risk management Vul uw e mailadres in een abonneer op onze gratis nieuwsbrief Versturen Twitter Feed StCorpGov SASconsult adviseert TelecityGroup SASconsult http t co f8MqhnVUPV Dec 03

    Original URL path: http://www.isae3402.nl/en/isae3402-report?language=nl (2014-12-07)
    Open archived version from archive


  • might comprise an informal process for identifying risks ref ISAE3402 A10 COSO ERM In the original SAS70 standard a reference was made to the COSO risk management framework In the ISAE3402 a specific reference to the COSO framework is not made In the ISAE3402 framework references are made to event identification risk analysis information providing the control framework and monitoring Indirectly a reference is made to the COSO ERM framework

    Original URL path: http://www.isae3402.nl/en/risk-management?language=nl (2014-12-07)
    Open archived version from archive


  • FAQ rating Contact Home ISAE3402 Scope ISAE3402 Required scope ISAE3402 The required scope are all controls that are likely to be relevant for an user entity as it relates to financial reporting This implies that non financial processes and controls should be excluded from the ISAE3402 scope principally Controls that only affect the user entities production or quality controls should be excluded from the scope Example scope This brings some specific issues how should one treat the SLA agreements for a hosting or ASP provider Strictly theoretical these should be excluded from the scope since these refer to the quality provided by the hosting provider and not to financial processes If these specific SLA agreements refer to downtime or problem management these processes could indirectly have a material impact on financial reportings An auditor should always make a specific assessment of processes will directly or indirectly have an effect on reporting processes at the user organization Stichting Corporate Governance Nieuwsbrief Blijf op de hoogte over de laatste ontwikkelingen op het gebied van risk management Vul uw e mailadres in een abonneer op onze gratis nieuwsbrief Versturen Twitter Feed StCorpGov SASconsult adviseert TelecityGroup SASconsult http t co f8MqhnVUPV Dec 03 Neem

    Original URL path: http://www.isae3402.nl/en/scope-isae3402?language=nl (2014-12-07)
    Open archived version from archive


  • among parties the demand for control over outsourcing increases Is my organization able to prepare the ISAE3402 report An ISAE3402 report will be audited by an external auditor The reporting should be prepared in accordance with audit regulations If the responsible co workers have an audit background this will improve the process of preparation Specialized organizations can assist you with preparation of the report and manage the audit proces Is it appropriate that my client requires and ISAE3402 reporting If processes are insourced by your enterprise and these process will have a material impact on the annual report of the service organization an ISAE3402 report will be appropriate Other organizations under supervision of for example the FSA should be able to demonstrate that outsourced processes are under control What is the advantage of ISAE3402 for my organization ISAE3402 is the international standard for control over outsourcing In international tenders an ISAE3402 certification will probably be required in outsourcing situations Another advantage is that your internal processes will alligned and better formalized Should the General IT controls be included in the ISAE3402 report Yes it is required that informationsystems are included in the ISAE3402 report ref ISAE3402 16 What are achat cialis the required sample sizes for an ISAE3402 audit Dit is an example of the European practice In principal ISAE3402 requires http glbtpridestore com online that sample sizes are in line with the reduction of risk to a reasonable level In the PCAOB guidelines a sample size of 25 is required for daily controls These guidelines are not included in the ISAE3402 standard What is an subservice organisatie en what is carve out A subservice organization is an organization that insources processes of a service organization If for instance an asset manager outsources the hosting of their servers this might

    Original URL path: http://www.isae3402.nl/en/faq-isae3402?language=nl (2014-12-07)
    Open archived version from archive

  • ISAE3402 Register | ISAE 3402
    Management Type II Internal Control 31 Dec 2012 Meer informatie 90 100 Circle Partners Fund Administration Type II Internal Control 28 Jan 2014 90 180 Grontmij Vastgoedmanagement Vastgoed Management Type II Internal Control 31 Oct 2014 Meer informatie 90 138 Geodan SaaS Cloud Services Type II Security 25 Mar 2014 90 174 EPOC Vastgoed Management Type I Internal Control 30 Sep 2013 90 096 CSN SaaS Cloud Services Type II Internal Control 23 Dec 2009 90 090 Kaufman Rossin Fund Services Type II Internal Control 31 Dec 2013 90 106 ACM Vastgoedbeheer Real Estate Type II Internal Control 17 Feb 2014 Meer informatie 90 051 De Hypothekers Associatie Real Estate Type I Internal Control 02 Feb 2009 90 152 Kasbank vermogensbeheer Type II Internal Control 26 Apr 2013 90 053 AON Consulting Pensioen pensioenuitvoerders Type II Internal Control 31 Dec 2013 90 072 Zurich Financial Services vermogensbeheer Type II Internal Control 13 Dec 2004 90 159 Montesquieu IRM B V Overige dienstverlening Type II Internal Control 14 Apr 2014 90 205 Netagio SaaS Cloud Services Type II 31 Dec 2013 90 110 ATC Corporate Services Fund Administration Type II Internal Control 04 Jan 2010 90 095 Adhost Collocation Datacenter Hosting

    Original URL path: http://www.isae3402.nl/en/all?language=nl (2014-12-07)
    Open archived version from archive

  • ISAE3402 Register | ISAE 3402
    2014 90 119 Infratects Type II Internal Control 30 Nov 2013 Meer informatie 90 138 Geodan Type II Security 25 Mar 2014 90 096 CSN Type II Internal Control 23 Dec 2009 90 116 Control Pay Type II Internal Control 30 Jun 2012 90 208 Nines BV Type I Internal Control 01 Nov 2014 90 198 Profource Type I Internal Control 31 Jul 2014 90 158 WebElect Type I Internal Control 26 Apr 2013 90 067 Partena Type II Internal Control 23 Nov 2006 90 032 Citadel Solutions Type II Internal Control 29 Dec 2008 90 196 Superp Type I Internal Control 27 May 2014 90 151 Jurjen de Vries Retailmanagement Type I Internal Control 11 Apr 2013 90 078 Opsource Type II Internal Control 06 Sep 2005 90 071 Ceridian Type II Internal Control 31 Dec 2013 90 163 12Care Careweb Type II Internal Control 28 Apr 2014 90 139 Database Fulfilment B V Type I Internal Control 29 Jan 2013 Meer informatie 90 030 Neospire Type II Internal Control 07 Feb 2008 90 122 Axxerion B V Type II Internal Control 13 Jan 2012 90 154 Unit4 Type II Internal Control 17 Jan 2014 Pages 1 2 3

    Original URL path: http://www.isae3402.nl/en/saas?language=nl (2014-12-07)
    Open archived version from archive