ISAE 3402

The world is increasingly getting interconnected, due to a higher demand on supply chains and keeping up with competitors. This often enrols in a focus on what you do best with others focus on their field of expertise. Outsourcing of processes and/or systems is often is realistic outcome. The downsize of outsourcing is a lack on inside on whether the service provider keeps up with the agreement made with you and whether they act in your best interest.

It’s therefore important that the service organization to who you have outsourced vital elements of your business is handling and servicing reliable and in your intrests. Reliability can be subdivided into various aspects such as risk management, information security, privacy, anti-fraud measures and/or continuity. All these aspects can be captured in a service organisation report based upon the ISAE 3402 standard. This report is drafted by the service organisation as a reflection on how they manage their business. 3angles is authorized to certify this report as auditors, and can act as your independent third party.

An ISAE 3402 report not only provides insight into the reliability and therefore also the quality of the outsourced service, but also serves as an external  confirmation that the set of agreed internal controls exists and has worked effectively. ISAE 3402 reports come in two variants:

  1. a type I report. A type I focuses on design of your risk management and internal control measures
  2. a type II report also confirms the effective operation during a certain period.

More and more these reports demonstrate sound management and reliability.  For our services with regard to ISAE 3402, please feel free to contact one of our specialists:

Arjan Hassing (

Eric Westhoek ( or

Nico van Rijn (