Assurance reports are gaining popularity and service providers advertise about having certifications and assurance reports. Lots of certifications and reports are shown by various data centers, but why is it important? In this blog we will provide you with the top 4 advantages of using a company that can provide a type II assurance report like SOC 1, SOC 2, SSAE16 and ISAE 3402.
It gives confidence
One of the most important things of an assurance report, it provides assurance over the service of the service organization. It gives you confidence! An independent professional accountant (an individual who is a member of an IFAC member body) is hold to a strict code of ethics and described their opinion about the services audited in the assurance report. Also, you can exactly read which controls are implemented in the service organization that gives you the comfort the service organization takes good care of the services they offer (like security and continuity).
Saves time and money for your accountant
When financial related processes are outsourced, or parts of financial related processes, a financial auditor needs to provide assurance on, e.g. the physical security of the data. Instead of your financial auditor visiting the service organization to which you have outsourced your services, the financial auditor can use the assurance report that saves lots of time and money during the audit.
ISAE 3402 is complementary to your internal control framework
Organizations that have a large control framework to make sure direct and indirect risks regarding the business needs to be mitigated, can use the controls in the assurance report to mitigate risks for the outsourced services. By using an assurance framework explicitly in your own framework, you are sure that your business processes are protected for all the risks mentioned in your risk assessment.
Completes your assurance report for your end-users
If your company provides assurance to your end-users, using the assurance report of your service- and subservice organization(s) will make it easier for you to create your own assurance report. It is not necessary to carve-out the subservice organization or to perform the audit on the service organization yourself (or by your auditor). Your company will save time and money.
Using a service organization that provides a type II assurance report has multiple benefits, also when the service organization is not used within the outsourcing of financial processes. The report is not only relevant for accountants and auditors, it is great value for the company itself in the provisioning of trust and as part of your internal control framework.
It is very important for us to show our clients we take all necessary precautions to offer secure and reliable services. To be transparent Datacenter.com independent auditors perform multiple audits a year. With an assurance report like ISAE 3402 type II we can show our customers we do the things we promise!
To learn more about our certifications and how we control our operation, just give us a call at +31 (0)20 2384200, or drop us an email at info-mailbox.
Article by Jouke Albeda, Compliant & Security Officer.