Worry-free IT: Penta’s 17th annual ISAE 3402 audit report ready for your FINMA and DFSA compliance – and peace of mind

Penta has successfully completed ISAE 3402 audit covering 2022 confirming that Penta’s internal IT risk management controls are effective and compliant with best practices. The independent audit done by EY (Ernst & Young), a global audit and assurance firm.

The ISAE 3402 audit standard is recognised internationally, including by financial regulators like the Swiss Financial Market Supervisory Authority (FINMA), Dubai Financial Services Authority (DFSA), and the UK’s Prudential Regulation Authority (PRA).

Why is the ISAE 3402 audit important?

The ISAE 3402 audit is designed for service organizations and assures clients and stakeholders of the effectiveness of Penta’s internal controls. This translates to more client confidence, improved risk management, and regulatory compliance.

What does this audit mean for Penta clients?

For Penta clients hosted on its servers, the ISAE 3402 audit means that they continue to benefit from rigorous IT security and operational controls, and automatic compliance with rules and regulations, at no extra cost. Clients also receive copies of the audit report for reference in the case of legal or compliance inquiries or reporting.

What period is covered by this audit?

The ISAE 3402 audit tests the effectiveness of internal controls over a period of 12 months. Penta undergoes this audit once a year with this latest version covering the year 2022.