The SSAE-16 and ISAE-3402 examinations underline Misys’ commitment to SaaS solutions quality
Misys plc (FTSE: MSY.L), the global application software and services company, announced today that it has recently completed examinations of the organisational controls covering its Confirmation Matching Services (CMS) and its Managed Hosting Services.
The completion of the examinations underlines the commitment of Misys to provide its customers and their auditors with information and assurance regarding the controls and safeguards over its hosting solutions. Misys processes, procedures and controls were formally evaluated and tested by an independent accounting and auditing firm, Ernst & Young LLP. The examinations included assessing and testing controls related to logical access to systems, programs and data, change management, processing controls and physical security. This is the seventh year obtaining a service organisation controls examination covering CMS, which now serves more than 1,000 clients, and the third year covering the Managed Hosting Services in the Software-as-a-Service (SaaS) model.
“By successfully completing SSAE 16 and ISAE 3402 examinations, we continue to demonstrate that the design and operational effectiveness of the controls we have in place for our hosted solutions are the best in the industry,” said Hach Hashasian Senior Director, SaaS Technology Operations & Compliance at Misys. “Complying with these new standards provides our customers with cost savings while also reinforcing the value of the people, processes and technology that are at the heart of the Misys SaaS business model.”
The SSAE16 examination (formerly SAS70 examination) is widely recognised and indicates that a service organisation has been through an evaluation of its internal control activities relating to an audit of the financial statements of its customers. The reports not only include the description of the service organisation’s systems, but also include detailed testing of the design and operating effectiveness of that service organisation’s controls. The examinations were performed in accordance with Statement on Standards for Attestation Engagements No. 16 “Reporting on Controls at a Service Organization” of the American Institute of Certified Public Accountants (AICPA) and the International Standard on Assurance Engagements 3402 “Assurance Reports on Controls at a Service Organization” of the International Auditing and Assurance Standards Board.