Cobase is proud to have received the ISAE 3402 Type I certification as well as the SOC2 certification. This provides our customers and other stakeholders the assurance that Cobase manages its IT environments in a responsible manner and that we take IT security very seriously. Cobase was already ISO27001 certified.

In the everchanging Fintech system landscape, accountants and security departments are nowadays increasingly asking for these certifications. Without proof of certification from their service provider, companies that outsource business processes may be questioned by their accountant when the annual reports are written.

Organizations that outsource processes remain ultimately responsible for the management of these processes. This raises the question of how service providers perform this management; how they deal with risk management, information security and fraud detection. ISAE 3402 and SOC2 provide the answer to these questions.

They are international standards and have 2 types of reports: Type I, for the design and existence of management measures and Type II, in addition to the design and existence, the effective operation of the management measures for a certain period also have to be demonstrated.

The certifications confirm that the control processes, information security and control measures for the availability, integrity and confidentiality of our services are effective. Cobase has already started the exercise to obtain the type II certifications as a next step.