Auvaro has a team of experienced IT auditors that assess and advise on the use and control of IT within organizations. These IT auditors have expertise in information security, IT management and the coordination between business processes and IT. The articles below describe in which areas we can support you.
Combining audits offers certain advantages. It not only saves time and money, it also reduces the audit pressure within the organization: Your employees only have to give insight into their daily activities once and can therefore get back to work faster. For example, it is possible to combine ISO audits with Assurance statements.
Request our whitepaper for more information.
Op strategisch niveau gaat het om de vraag of voldoende leiderschap, structuren en processen binnen de organisatie aanwezig zijn om de doelstellingen te bereiken en de bedrijfsstrategie te ondersteunen. Met betrekking tot ICT gaat het dan om de volgende aspecten:
Met betrekking tot de ICT-governancestructuur zijn de volgende onderwerpen van belang:
We can support you in obtaining assurance about these subjects.
At the tactical level, the central question is whether the methods, techniques and tools for purchasing, developing, testing and implementing information systems support the strategies and objectives of the organization. The following topics are important here:
We can support you in obtaining assurance about these subjects.
At the operational level, it is important to ensure that IT service level expectations are derived from the company's business objectives and that these expectations are met by the IT organization. The following topics are important here:
We can support you in obtaining assurance about these subjects.
Information security ensures that the confidentiality, integrity and availability (CIA) of confidential data is ensured through the design, implementation and monitoring of controls. The following topics are important in this regard:
We can support you in obtaining assurance on these and other information security topics.
At the strategic level, the question is whether sufficient leadership, structures and processes are in place to achieve the objectives and support the business strategy. With regard to IT, this concerns the following questions:
With regard to the IT governance structure, the following topics are important:
We can support you in answering these questions.
At the tactical level, the central question is whether the methods, techniques and tools for purchasing, developing, testing and implementing information systems support the strategies and objectives of the organization. The following topics are important here:
We can support you in obtaining assurance about these subjects.
At the operational level, it is important to ensure that IT service level expectations are derived from the company's business objectives and that these expectations are met by the IT organization. The following topics are important here:
We can support you in obtaining assurance about these subjects.
Information security ensures that the confidentiality, integrity and availability (CIA) of confidential data is ensured through the design, implementation and monitoring of controls. The following topics are important in this regard:
We can support you in obtaining assurance on these and other information security topics.
Het combineren van audits is over het algemeen een goed idee. U bespaart hiermee niet alleen op kosten en doorlooptijd, maar verlaagt ook de auditdruk binnen uw organisatie: uw medewerkers hoeven het verhaal maar één keer uit te leggen en kunnen sneller weer aan het werk.
Assurance audits kunnen over het algemeen onderling goed worden gecombineerd, maar ook door het combineren van ISO audits en assurance audits is in veel gevallen winst te behalen.
An assurance statement is an effective and efficient way to provide assurance to your customers about the processes they outsource to you. There are different kinds of statements.
The primary question is: “Which assurance statement provides sufficient assurance for the processes outsourced to me by my client?”
Het antwoord vindt u onze whitepaper.
As Valk Solutions, we automate business-critical point of sale processes for retail organizations. Our customers entrust us with their competition- and privacy-sensitive data. The ISAE 3402 statement is an independent confirmation for retailers that they are in good hands with us. Auvaro's audit team closely monitors that we work according to the standard every year. This sets us apart from the competition.
Karin Valk
Managing Director - Valk Solutions
Since 2016, Auvaro has been conducting the ISAE3402 audit at Itris. Itris' services to its customers are audited against NOREA's framework of standards. Since 2018, the ViewPoint functionality, Itris' ERP package, has also been audited against a framework of standards drawn up by Itris and its customers. For both audits, Auvaro issues an ISAE3402 type II statement annually. The audits are planned in close consultation with each other and are carried out in a pleasant manner by the auditors of Auvaro. We are therefore very satisfied with this service.
Marianne van Leeuwen
Manager Customer Support & Quality - Itris
Our ISAE 3402 audit was conducted efficiently and in a pleasant manner. The auditors guided us professionally.
Peter Van Den Plas
Information Security Officer - CACI B.V.
The audit process was carried out in a professional manner. Our ICT architects were impressed by the available ICT knowledge of the auditors. Conversations were conducted in a pleasant and constructive manner. It's very efficient that ISO 27001 and ISAE 3402 audits can be combined.
Theo van den Hoek
Program manager - Peopleware ICT Solutions
We wanted to investigate whether we could get an ISAE 3402 certification for our payroll service. After searching on the internet we came across Auvaro. After a first introductory meeting, we quickly started describing the processes and controls. Following Erik's advice, we then added and changed some checks and made some adjustments to our working method, after which we already received the first audit at the beginning of 2019. From this, some points emerged that have been adjusted and at the end of 2019 we received the final audit for 2019 and we were ISAE 3402 certified! The collaboration went very well and the certification also gives our customers the certainty that they can outsource their payroll administration with confidence.
Pier de Vries
Manager salary service - PeopleInc
We are an organization where a lot of information and personal data of our customers is processed. To provide a guarantee about our information security, we came to Auvaro about 3 years ago to guide us in this and to obtain an ISAE 3402 Assurance report. This year we were again audited by Erik and his team. It were intensive 'remote audit' days, but Erik and his team guided us in a very pleasant and flexible way. They were very thorough and precise and helped us with the right constructive feedback to have information security 'in control' even better.
Lisa Houwer
Security & Information Officer - Conclusion Learning Centers
