Because of the on-going digital transformation, companies are becoming more and more dependent on the Internet for their profits. They’re also facing more risk when it comes to security and privacy. At the same time, the movement towards the cloud, and the virtualisation of online environments, causes clients to have less insight into their applications. Mirabeau understands its clients’ interests, and has established a programme to make the quality of service offerings more demonstrable. That’s why, in collaboration with Ernst & Young, Mirabeau launched an ISAE 3402 certification process. Recently. Ernst & Young issued an ISAE 3402, type II declaration for Mirabeau’s Managed Services offering. It concerns the management, security and cloud services for the operation of business-critical digital platforms.
What is ISAE 3402?
ISAE 3402 is a globally accepted standard that indicates that a service organisation (like Mirabeau) executes tasks for third parties in an effective and well-controlled way. A variety of factors, including protection of business-critical data, fraud prevention, and the protection of personal data are among the key focus areas. ISAE 3402 is the only international standard of its kind that accountants accept when they perform audits. With it, Mirabeau distinguishes itself from the competition by providing tangible proof of its high quality standards.
‘The ISAE 3402 declaration gives our clients assurance that their digital platform is in good hands with us. We are particularly proud that we have been able to tangibly demonstrate the quality that we deliver. We’ll continue to engage in dialogue with our clients to ensure that this continues in the years to come,’ says Jeroen Bruseker, Managing Director of Mirabeau.
Due changing laws and regulations, internal company guidelines, and increasing dependence on their digital channels, clients seek security when they outsource their website management, security service offerings and cloud management. Often, organisations have limited insight into whether or not their suppliers have their affairs in order. The organisations – and their accountants – want assurance when outsourcing. Core questions in this area include: Who has access to information? Have sufficient measures been taken to prevent fraud? And are these measures observed? Regulators, like DNB and the AFM, require banks, pension funds and insurers to provide sufficient information about the processes they outsource. Now, Mirabeau can formally authenticate the quality of its Managed Services offering with the ISAE 3402, type II report. Mirabeau’s clients no longer need to perform quality checks on their own, which saves time and money.
Ernst & Young
Earlier this year, auditor Ernst & Young successfully tested the efficacy of Mirabeau’s internal control framework, and their findings are described in the report. A type II declaration comprises the design, the presence and the operational effectiveness of the control framework. Tested – with retroactive effect – over a period of six months.
Dennis Houtekamer, Executive Director Ernst & Young Advisory: ‘An ISAE 3402 report highlights the Mirabeau organisation’s calling card of quality.’