Expansion and ISAE 3402 statement

Expansion makes every effort to (verifiably) make it clear that it handles your information (processes) carefully. That is why we are ISO 27001 certified on information security and all procedures in this regard.

We have made an important step forward: Expansion obtained the ISAE 3402 type II certificate in January 2019. (Expansion has been complying with the ISAE 3402 type I since the end of 2018). This international outsourcing standard then gives you the guarantee that even in the case of (external) testing, the pre-set requirements are met afterwards: a measurable proof of effectiveness.

Both beforehand and retrospective guarantee of quality in service!

ISAE 3402 may not be as well known as the ISO 27001 certification, but it is certainly as important nonetheless. ISO 27001 already guarantees you as a customer that Expansion meets all the requirements and qualifications to handle your information in the right way. The ISAE 3402 statement gives you the extra assurance afterwards that all measures actually are in place and effective. We want there to be no doubt about that!

ISAE 3402 supports strict regulation in financial markets

The ISAE 3402 statement stems from the increasingly stringent regulations in the financial markets. ISAE 3402 has become the standard for outsourcing. As for all organizations that outsource their information management to DMS specialist Expansion. With this form of outsourcing, you want the guarantee that the service organization is reliable. The ISAE 3402 standard offers extensive possibilities to report on aspects such as risk management, information security, privacy, anti-fraud measures and continuity and to have this reporting checked by a third party.

ISAE 3402: customer ‘in control’

As more and more applications are offered as Cloud Services or through SaaS providers, the demand for ISAE 3402 statement is increasing. Customer organisations want guarantees on things like data protection, fraud prevention and protection of personal data. In many cases, however, they have limited insight into the security measures of their service provider. ISAE 3402 responds to this need: the customer is completely ‘in control’ again. Expansion always strives for maximum collateral for its customers and an ISAE 3402 statement fits right in.

ISAE 3402: tight procedures and compliance checks

ISAE 3402 statement has two different types: Type I and Type II. ISAE 3402 Type I describes and defines all measures and procedures; In ISAE 3402 Type II, the verification of compliance is carried out and certified by an external audit party.

Expansion is one of the few Dutch DMS service providers having an ISAE 3402 Type II statement. This sets us apart again in the market. This means that you have more certainty about the correct, reliable and confidential treatment of your most sensitive information.

The main benefits of ISAE 3402 in a row

  • Internationally recognized
  • Improved risk management
  • Full control
  • Verifiable effectiveness of measures

Expansion has 30 years of experience in implementing effective, reliable and secure document management solutions. You can also benefit from that knowledge and experience. Also when it comes to cloud solutions.

Do you want to store your information securely in the Cloud? We would like to send you more information about the extensive possibilities.

Let's get started

Do you want all your business-critical information in one system?