Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Topics about Security Assurance

Read more about Assurance at ISACA.

“The lowest level of assurance is realized by performing self-assessments. The second level of assurance is realized by third-party statements and the third level of assurance is realized by continuous auditing.

There are several measures that can be used to assess a suppliers’ environment:

  • Certification of global standards and frameworks such as ISO 27001, Uptime TIER, TIA-942, and the Payment Card Industry Data Security Standard (PCI DSS)

  • Self-assessment questionnaires for the supplier, based on standards and frameworks such as ISO 27001, Trust Service Principles and CSA

  • Type II third-party reports that test the operation of measures periodically using robust standards or frameworks such as ISAE 3402/SSAE16 and SOC reports

  • Continuous monitoring of measures where there is continuous insight into the functioning of an organization’s control environment and security measures”

  • No labels