Tiego has obtained ISAE 3402 Type 1
ISAE 3402 Type 1 – an important milestone for our customers
We are pleased to announce that Tiego has undergone an independent ISAE 3402 Type 1 examination, conducted by Forvis Mazars and Advisense. The report confirms that, as of 30 November 2025, our controls and processes are suitably designed to support our customers’ internal control over financial reporting.
For our customers—who use Tiego Group Accounting and Tiego Lease Engine as central components in their group reporting and lease accounting—this provides increased transparency and clear evidence that our procedures and governance models are designed to meet high standards of reliability, information security, and regulatory compliance.
What does ISAE 3402 mean for you as a customer?
ISAE 3402 is an internationally recognized standard for independent assurance engagements on service organizations’ internal controls that are relevant to customers’ financial reporting. An ISAE 3402 Type 1 report focuses on:
The description of Tiego’s services and systems
Established control objectives related to financial reporting
The design of controls intended to support the control objectives and manage relevant risks
The results of the independent auditor’s assessment of the implemented controls
The report is intended to be used by our customers and their auditors as supporting documentation in connection with audits and internal control activities.
A structured control framework based on ISO/IEC 27001
The ISAE 3402 examination is based on Tiego’s established Information Security Management System (ISMS), which is designed in alignment with ISO/IEC 27001:2022. The ISMS constitutes the common governance framework for risk management, information security, change management, incident management, vendor management, and business continuity planning.
The examination covers, among other things, governance and management processes, risk management, access controls, change and release management, operational monitoring, incident management, backup and recovery, as well as business continuity and disaster recovery preparedness for our SaaS services.
Availability for customers and continued development
The ISAE 3402 Type 1 report will be made available to our customers for a fee and includes access to forthcoming ISAE 3402 reports. This forms part of our long-term commitment to making Tiego an even more relevant and reliable provider for organizations with high demands on internal control and regulatory compliance.
The ISAE 3402 initiative is also an important step in our continued development. In the coming period, we will continue to strengthen our processes and controls, with the objective of completing an ISAE 3402 Type 2 examination, which also covers the operating effectiveness of controls over time.
For us at Tiego, this is not an end goal—but a confirmation that structured governance, transparency, and quality are an integral part of how we build and deliver our services.
Would you like to know more about the report or how it can be used in your audit? Please feel free to contact us.
