ISAE 3402 and IDW PS 951

Responsibility and Control in Outsourced Processes

The responsibility for the outsourced processes and information always remains with the outsourcing company. Since sensitive customer information and personal data are often affected by the outsourcing, control measures must be carried out by the outsourcing company. We check compliance with the contractually guaranteed and legally implementable requirements. As proof of a professional organization and a functioning internal control system (ICS) of service providers in all industries, the IDW PS 951 standard and its international counterpart ISAE 3402 have already proven their worth.

IDW PS 951 N.F./ISAE 3402 – A Certificate for more Security

Regardless of whether you are a customer or a service provider and have outsourced or taken over outsourced functions, you benefit from a certificate in accordance with IDW PS 951. As a customer, you can be sure that your processes are in good hands. As a service provider, you can demonstrate your high quality standards to potential new customers and thus win demanding new customers and bind your existing customers more closely to you. An internal control system does not work in all cases – but if something does happen, thanks to the regular audit you have proof that you have implemented the necessary measures for risk management – and thus exclude organizational negligence.