Assessing effectiveness and building your customers’ trust

Our ISAE & SOC Reporting services provide independent and objective reports on the design, implementation and operational effectiveness of controls at service organizations. These services include compliance with international standards that certify the quality of your processes for your customers. We issue the following reports: 

  • ISAE 3402
  • ISAE 3000
  • SOC 1
  • SOC 2


ISAE 3402 & SOC1

ISAE 3402 & SOC1 assurance reports are issued for processes relevant to financial transactions. These assurance reports assist in evaluating the design, implementation and operating effectiveness of the service organization’s controls that impact the user entities’ financial statements. 

ISAE 3000

ISAE 3000 assurance reports are issued for all types of outsourced processes that are not relevant for financial transactions.


SOC 2 assurance reports provide reasonable assurance that the service organization’s service commitments and system requirements were achieved based on the trust services criteria relevant to security, availability and processing integrity of the systems used to process its users’ data, and its confidentiality and privacy of the data.

Readiness support

We offer guidance to organizations to increase their internal control maturity level in order to achieve a successful ISAE or SOC statement. We also assist organizations in designing an ISAE or SOC control framework.

What can you expect from us?

  • Insights
  • Approach
  • Network
  • Insights
    New insights that lead to improvements in your internal control
  • Approach
    Pragmatic approach at fair and competitive prices
  • Network
    Access to a large and international network with associated knowledge and connections

For service organizations that provide outsourcing services and handle sensitive client information, trust is your currency. Managing information technology, or providing payroll, procurement, financial or other services comes with numerous challenges and risks.

Existing and future clients, as well as stakeholders, want reassurance that there are appropriate controls and safeguards in place over the data and processes that are being used to service their customers.