BWise Application Management Services and SaaS certified for ISAE-3402
's-Hertogenbosch, May 3 2011 – BWise, the global leader in Governance, Risk and Compliance management (GRC) software, announced today that external auditor KPMG has confirmed BWise as ISAE-3402 certified for its Application Management and Software-as-a-Service (SaaS) programs. ISAE-3402 is the global standard that provides assurance to customers of a Service Organization’s Controls (SOC’s) and outsourced services, such as SaaS or application management services. With the independent ISAE-3402 certification, BWise’s service organization is considered dependable and trustworthy, all relevant risks are covered with adequate control objectives and operational controls. The quality and verifiability of BWise’s application management and SaaS are being monitored and controlled with the BWise GRC software itself.
The international ISAE-3402 standard replaces the well-known SAS70 standard. ISAE-3402 is vital for services companies to provide their customers with a reliable statement on the management of controls on the outsourced processes of the customer. More than forty three controls are audited by KPMG, such as, access controls, incident management controls and change management controls. The ISAE-3402 standard is primarily focused on the effects and dependencies that are relevant to a customer’s financial reporting.
Tonny Boerboom, COO at BWise, said, “To keep the expertise, quality and continuity of the BWise application at a high level and gain maximum return on investment, BWise customers frequently decide to outsource application management to BWise itself. The BWise application management team has access to product development and the project organization that initially implemented the customer’s software and is therefore a logical outsource partner. The international standard ISAE-3402 has the same basis and is comparable to the US standard SSAE16 SOC 1. BWise has chosen to adhere to the international standard ISAE-3402 due to the world-wide customer base we serve.”
Robert Pijselman, CEO at BWise, said, “ISAE-3402 certification is an acknowledgement of the quality of our service. BWise continues to invest in the quality and verifiability of these services. All workflows and risks that are relevant to BWise application management services and SaaS are documented, assessed and controlled in our own BWise application. This leads to better management and lower audit costs. Enterprises that are considering ISAE-3402 certification themselves can use the BWise GRC platform as a tool to support these endeavors too.”