CAG designs and implements our controls within the ISAE 3402 framework. what does this mean?

The replacement of SAS 70, ISAE 3402 is the new globally recognised standard for assurance reporting on service organisations. CAG’s process, risk and control design has been defined bottom up by ISAE 3402 standards – we know no other way of operating.

We believe this provides a very valuable USP against comparable competitors. This is because they tend to evolve their control processes first and must attempt to retro fit their processes into these standards – across over 80 jurisdictions. In a large cross border operation this is extremely difficult to achieve and without significant investment is virtually impossible.

We believe that for a multi-jurisdictional compliance offering at competetive rates, only CAG can truly provide an ISAE 3402 compliant service organisation system – this system being the services provided along with the supporting processes, policies, procedures, personnel and operational activities that constitute  our core activities.

In our increasingly regulated world you simply cannot afford to compromise on your service organisation control – CAG is the only cost effective answer.