Due to current developments in outsourcing and the associated risk management, SASconsult has developed an implementation model that enables a cost-efficient ISAE 3402 implementation. This model (the SAS | Modeller) is delivered in a web tool that includes the process flows. The result is that the processes and controls required under ISAE 3402 are visible to everyone (via, for example, the intranet).

The widely adopted COSO (Committee of Sponsoring Organizations of the Treadway Commission) risk framework, frequently utilized in the implementation and auditing of standards such as ISAE 3402 or ISO 27001, is due for a comprehensive update.

General

Since the beginning of 2012, negotiations have been underway to finalise the content of the Omnibus II directive and the Level 2 implementing measures. The definitive agreement on the Omnibus II directive is expected shortly. The definitive agreement on the Level 2 implementing measures is expected in the autumn. The focus lies on the risk-free curve, capital requirements, and own funds, as well as transitional measures.

Pillar Developments 

Additionally, there are developments per pillar:

The Corporate Governance Foundation is the driving force behind the ISAE 3402 register. The ISAE 3402 register is a publicly accessible database that lists organisations that have been certified to ISAE 3402. The ISAE 3402 register focuses on reliable partners, provides a platform for companies to showcase their ISAE 3402 certification, and promotes knowledge sharing and development in the field of ISAE 3402.