IRIS CARBON® – our SaaS disclosure management and XBRL/iXBRL reporting platform – is now ISAE 3000 and 3402 certified. The certification is testimony to IRIS CARBON®’s commitment to providing our clients with the best-in-class security systems and maintaining the integrity of internal controls.
What’s An ISAE Certification?
ISAE 3000 and 3402 are standards published by the International Federation of Accountants (IFAC).
An International Standard on Assurance Engagements 3000 (ISAE 3000) certification is meant to reassure clients of the reliability of the information security management, cloud hosting and processing, and operating systems of a SaaS provider such as IRIS CARBON®.
The ISAE 3402 certification, meanwhile, is concerned with IRIS CARBON®‘s internal controls that relate to the client’s financial information processing. These certifications prove the effectiveness of our internal control systems after comprehensive testing and auditing.
Two ISAE Report Types
An ISAE 3000 and 3402 certification involves two types of reports: Type 1 and Type 2
A Type 1 report only talks about how internal controls are designed and implemented. A poor design would indicate inefficiencies in internal controls and implementation. A Type 1 report allows organizations to rectify issues stemming from poorly designed and implemented internal controls.
A Type 2 report goes beyond the design and implementation of internal controls to check the effectiveness of those controls. Internal controls can be well designed and implemented but fail to achieve their intended objectives. A Type 2 report is issued after an organization ensures the controls are designed and implemented effectively.
Why Go For An ISAE Certification?
An ISAE audit report means the security systems in place for an organization and the products are internationally acceptable. Moreover, the organization would receive independent advice on improving the security of your products and services.
The ISAE certification covers all aspects of every business’s ethical practices – be it quality control, data security, processes, and more. IRIS CARBON®, as always, is committed to ensuring the highest level of safety for confidential data and the privacy of our clients.
The assurance report issued by RSM Astute Consulting Pvt. Ltd was the result of extensive audits and covered controls related to information systems, hardware and software support, and more. This certification highlights the effectiveness of our adequate internal controls to ensure the safety of our customer’s sensitive information.
IRIS CARBON® is also SOC 2 compliant. Read about it here.