Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

ISAE 3402

Welcome to the ISAE 3402 topic!

In this topic you may collaborate with your peers by participating in discussions, adding links and documents, and starting or contributing to wikis.

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
216 Members
1 Online
6248 Visits

Community Leader

Knowledge Center Manager

Knowledge Center Manager

Title: Become a Topic Leader!

Badge: Energizer


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 10 total

Must be a Topic member to contribute
View All »
Dear community I was wondering if it is allowed to use comfort letters to gain assurance for a control in an ISAE instead of self-testing the control. Thanks for your supportMike
Michael276 | 9/7/2017 8:18:36 AM | COMMENTS(6)
Hello, I also posted this in the 27001 topic. When outsourcing data/cervices to vendors, can someone provide more context on the value of the vendor having a ISAE2402 vs. ISO27001 certification?  I'm trying to identify the pros/cons of each, and what wo...
SArndt | 9/6/2017 3:10:45 AM | COMMENTS(5)
I've found a formulation in several 3402's, wish I believe may not be entirely correct. In formulating the result of testing this is what the auditors write:"We have not, in our audit, observed any computeres that have not been configured correctly." I be...
allanbirnbaum | 9/5/2017 8:14:19 AM | COMMENTS(3)
Hi Folks, Can someone share a link to a ISO27001 - ISAE 3402 Control Mapping?Do you know if such a things exists? Bests Regards, Julian.
Julian Davis | 9/5/2017 5:53:20 AM | COMMENTS(3)
Hi Members, My name is Satish Kini, and iam the Community Leader for ISAE 3402, i have been observing that ISAE 3402 is not attracting much attention, so i have got a response from ISACA suggesting that SSAE 16 (SOC 1), SOC 2, SOC 3 may also be discuss...
Satish Kini | 8/15/2017 12:11:05 PM | COMMENTS(3)
Does anyone has experience to perform a proper reliance on the "generic" SSAE16 and/or ISAE3402 report? - How to deal with service auditor opinion:          -unqualified opinion, but ends with howevers... (exceptions/exclusion of controls)         -qualif...
Supriadi125 | 1/21/2016 8:17:52 AM | COMMENTS(2)

Documents & Publications: 3 total

Must be a Topic member to contribute
Posted by ISACA 1597 days ago
SOC 2 Standard (AT 101)
Posted by Satish Kini 2023 days ago
AICPA SSAE 16 Standard (AT 801)
Posted by Satish Kini 2023 days ago

Events & Online Learning: 0 total

No Results Found

Journal Articles: 1 total

Volume 3, 2012
by Pritam Bankar, CISA, CISM and Harmeet Kaur, CEH
This article highlights the need for SSAE 16, the notable differences and similarities between SSAE 16 and SAS 70, and estimates the effort required to transition to the new standard

Wikis: 2 total

Blog Posts: 1 total

Must be a Topic member to view blog posts
I often get in discussions around the need of Certification to the Need of Assurance.  One such interesting discussion led me to evaluate the conceptions and misconceptions that prevail in the industry. I thought why not share it with the rest of the folk...
Posted By : Mayank | 1 comments