SECURANCE will support Fujitsu Netherlands in implementing ISAE 3402. Fujitsu is a global provider of dynamic IT infrastructures. More than 170,000 Fujitsu employees support customers locally in 70 countries. Fujitsu’s headquarters are located in Tokyo.

Insurers are actively implementing the Solvency II guidelines, managing them alongside their capital and risk management. The repercussions of decisions in this context will extend beyond the boardroom, affecting the relationships between both individual and corporate policyholders and insurers. These potential consequences have been explored and documented in a report by The Economist Intelligence Unit, involving 254 EU organizations, including insurers, financial institutions, and non-financial institutions.

As of February 1st, TCS Fund Services B.V. (part of Teslin CS) has completed the implementation of ISAE 3402. This demonstrates the organization’s control over internal processes.

More organizations are outsourcing IT or other processes. This outsourcing brings efficiency but also risks. Is information security well managed? How is privacy handled? The ISAE 3402 standard is the standard for reliable outsourcing and provides answers. This standard ensures that aspects such as risk management, information security, privacy, anti-fraud measures, and continuity are controlled. An ISAE 3402 | SOC 1 report describes how risks are managed.

ISAE 3402 | SOC 2

ISAE 3000 | SOC 2 is the international standard for security and other non-financial information. ISAE 3402 is applied when there is outsourcing involving financial information processed by the service organization. If this is not the case, then SOC 2 can be used, for example, when only the General IT Controls (GITC’s) are included in the scope of the SOC report. The SOC 2 standard does not include provisions for internal control; for example, the COSO framework. These components are therefore not mandatory in a SOC 2 report.

When improving processes in an organization, the Theory of Constraints (TOC) emphasizes the importance of including the supply chain and market engagement in the analysis. Operational Excellence is achieved by eliminating constraints throughout the entire process, from procurement to production (operations) to sales. This seems simple, but according to Goldratt (the creator of TOC), “The more complex a system is, the more profound its inherent simplicity.” The execution is complex, not the solution.

EUROPEAN PRIVACY REGULATION

The European Commission has decided that the current legislation no longer aligns with the continuous changes resulting from digitization. This new privacy regulation comes in the form of a European regulation applicable to all organizations in the European Union; the General Data Protection Regulation (GDPR). The GDPR applies directly in all EU member states without the need for transposition into national law.

The ISO/IEC 9001 standard is the international standard for quality management. It focuses on meeting customer requirements and enhancing customer satisfaction. Specific aspects within the ISO 9001 standard are outlined as requirements.

Currently, more people are working from home than ever before, bringing numerous risks for organizational security. Global data breaches are on the rise, potentially causing significant consequences for businesses. By maintaining security control, organizations can not only retain customer trust but also mitigate financial losses.

Economies of Scale

Since the Industrial Revolution, organizations have been questioning how to leverage their competitive advantage to expand their market share and profitability. The dominant model in the 19th and 20th centuries was the large integrated organization. In the 1950s and 1960s, companies broadened their bases to benefit from economies of scale.