May 05, 2011 09:18 ET

BWise Application Management Services and SaaS Certified for ISAE-3402

'S-HERTOGENBOSCH, THE NETHERLANDS and NEW YORK, NY--(Marketwire - May 5, 2011) - BWise, the global leader in Governance, Risk and Compliance management (GRC) software, announced today that external auditor KPMG has confirmed BWise as ISAE-3402 certified for its Application Management and Software-as-a-Service (SaaS) programs. ISAE-3402 is the global standard that provides assurance to customers of a Service Organization's Controls (SOC's) and outsourced services, such as SaaS or application management services. With the independent ISAE-3402 certification, BWise's service organization is considered dependable and trustworthy, all relevant risks are covered with adequate control objectives and operational controls. The quality and verifiability of BWise's application management and SaaS are being monitored and controlled with the BWise GRC software itself.

The international ISAE-3402 standard replaces the well-known SAS70 standard. ISAE-3402 is vital for services companies to provide their customers with a reliable statement on the management of controls on the outsourced processes of the customer. More than forty three controls are audited by KPMG, such as, access controls, incident management controls and change management controls. The ISAE-3402 standard is primarily focused on the effects and dependencies that are relevant to a customer's financial reporting.

Tonny Boerboom, COO at BWise, said, "To keep the expertise, quality and continuity of the BWise application at a high level and gain maximum return on investment, BWise customers frequently decide to outsource application management to BWise itself. The BWise application management team has access to product development and the project organization that initially implemented the customer's software and is therefore a logical outsource partner. The international standard ISAE-3402 has the same basis and is comparable to the US standard SSAE16 SOC 1. BWise has chosen to adhere to the international standard ISAE-3402 due to the world-wide customer base we serve."

Robert Pijselman, CEO at BWise, said, "ISAE-3402 certification is an acknowledgement of the quality of our service. BWise continues to invest in the quality and verifiability of these services. All workflows and risks that are relevant to BWise application management services and SaaS are documented, assessed and controlled in our own BWise application. This leads to better management and lower audit costs. Enterprises that are considering ISAE-3402 certification themselves can use the BWise GRC platform as a tool to support these endeavors too." More information:

About BWise
BWise, established in 1994, is the global leader in Enterprise Governance, Risk Management and Compliance (GRC) software. Based on a strong heritage in business process management, BWise delivers truly integrated and proven GRC solutions. With these GRC solutions BWise supports an organization to get 'in control' of all of its enterprise risks and compliance obligations. To become 'in control', BWise enables its customers to increase corporate accountability; strengthening financial, strategic and operational efficiencies; and maximizing performance, while understanding risks.

Hundreds of customers, in virtually all markets and industries in more than 80 countries, are served by BWise for their GRC needs. BWise customers include AEGON, AngloGold Ashanti, Connexxion, Health Alliance Plan (HAP) of Michigan, LeapFrog, Liebherr, Marathon Oil, Southern Company, Swiss Life, TNT and Transcontinental. Utilizing templates and a best-practice implementation approach, BWise enables management to monitor and manage risks and comply to regulations such as Sarbanes-Oxley, ISAE-3402 / SAS-70, Basel II and III and Solvency II, ISO-standards, European Corporate Governance Codes and many more. BWise has offices in the Netherlands, United States, Germany, France and the United Kingdom. For more information, visit

Contact Information