Ernst & Young has independently assessed that Gen-i’s information security controls meet the ISAE 3402 assurance standard, the international gold standard in management controls assurance.
As a result of the assessment, this makes Gen-i the first New Zealand-based ICT provider to have its information security assured to this standard.
Gen-i GM Enterprise Commercial & Trans Tasman Greg Mikkelsen says the decision to invest in achieving ISAE 3402 assurance was an easy one, as it fits with Gen-i’s broader commitment to ongoing investment in the things that make a real difference for Gen-i clients.
“Information security is a key concern for New Zealand business and Government in today’s increasingly mobile and data centric environment," he says.
"Our clients want to know that their critical and sensitive information is protected by robust, secure systems and practice.
“Many of our clients undertake their own research or auditing to verify information security compliance as part of their procurement process, and there are significant time and monetary costs to this.
“By gaining this assurance we can provide our clients with access to an independent report assessing our compliance, which provides peace of mind while reducing their procurement costs and speeding up their decision making process."
In order to achieve the ISAE 3402 assurance, Ernst & Young independently assessed and reported on Gen-i’s information security controls and processes.
This process included a thorough review of Gen-i’s information security policy, and a month long assessment ensuring the company was applying this policy correctly.
Previously called an SAS70 and also known as SSAE16 in the USA, the ISAE 3402 standard has been adopted by a number of global ICT providers, including Google, Amazon Web Services, Microsoft and Rackspace.