The relationship between:

ISAE 3402 and ISA 402

The ISAE 3402 standard states that reports made in accordance with ISAE 3402 already provide sufficient evidence under ISA 402, audit considerations relating to an entity using a service organization. In other words, ISA 402 focuses on the responsibility of the user organization to obtain adequate and appropriate control information when a user organization uses one or more service organizations. It is important to note that many financial reporting standards, as well as a number of supporting standards, also play a role in interpreting, understanding, and facilitating that standard itself, as is the case with the ISAE 3402 standard.

Share this blog

December 18, 2024

Common cryptographic vulnerabilities Cryptography is often used in the most...

    July 16, 2024

    Detecting and bypassing anti-Adversary-in-the-Middle (AitM) tokens Within the Advanced Red...

      July 15, 2024

      What is XXE (XML eXternal Entity) injection? A lot of...