Benefits: enhancing risk management and transparency

Organizations often face inquiries about security standards from (potential) clients: what are the differences between an ISAE 3402 | SOC1, ISAE 3000 | SOC2, and an ISO 27001 audit? Which standard is more applicable to our business, ISAE or ISO 27001? What are the pros and cons of ISAE versus ISO 27001? ISAE 3402 and ISO 27001 are fundamentally different types of standards, and they are used in equally different ways.

ISAE 3402 | SOC 1 Adapted to an organisation?

Systems and Controls – SOC reporting revolves around controls. An ISAE 3402 | SOC 1 report focuses on financial outsourcing, including asset management, SaaS providers (financial software), and data centers (storage of financial data).

Benefits of ISO 9001

The ISO/IEC 9001 standard is the international standard for quality management. The ISO 9001 standard focuses on two key aspects: meeting customer requirements and enhancing customer satisfaction. To achieve this, the ISO 9001 standard sets out several specific requirements. Implementing this standard brings many benefits.

What is a Data Breach and What Can My Organisation Do About It?

Nowadays, there is increasing news about data breaches. Entire documents and data from companies, as well as their stakeholders, are easily accessible. This can have many consequences for the stakeholders, but perhaps even more for the company.

The Dutch Data Protection Authority has defined a data breach as an incident involving access to or destruction, alteration, or unauthorized disclosure of personal data at an organisation without the intention of the organisation itself.

The relationship between: ISAE 3402 and ISA 402

The ISAE 3402 standard states that reports made in accordance with ISAE 3402 already provide sufficient evidence under ISA 402, audit considerations relating to an entity using a service organization. In other words, ISA 402 focuses on the responsibility of the user organization to obtain adequate and appropriate control information when a user organization uses one or more service organizations.

Red teaming vs penetration testing vs vulnerability scanning

A vulnerability scan, penetration test (pentest) and Red Teaming are different ways to test cybersecurity. The terms are often confused or misused. Do you know which test best fits your needs? In this blog post, we will cover the difference between red teaming vs penetration testing vs vulnerability scanning.

Securance & Kiwa: Cybersecurity Solutions

Securance, a leader in integrated risk management and cybersecurity solutions in Europe, is excited to announce a new partnership with Kiwa, an esteemed provider of certification and compliance services. This collaboration will focus on ISO certifications and Assurance services, enhancing our offerings while maintaining our distinct expertise in our respective fields.

DORA: Making the Financial Sector Stronger

As financial institutions increasingly rely on digital systems, the need for robust operational resilience has never been more critical. The Digital Operational Resilience Act (DORA) is a pioneering regulation aimed at fortifying the financial sector against digital disruptions. This blog explores how DORA enhances the sector’s resilience.

Is the local administrator’s password reused in your environment?

By default, the Windows operating system includes an administrator account for management purposes. In many environments, the password for this account is the same on multiple systems.

Why password reuse is common