AuditableAuditable

We call Schuberg Philis the ‘auditable IT outsourcing company’ because we help our customers by incorporating corporate governance, regulations and compliance into the overall service and infrastructure management of their outsourced business critical applications from the very first day. Living up to this promise, we apply the highest standards while remaining flexible to evolving business needs. We continously update our best practices in close cooperation with our customers as well as their internal audit departments and independant external auditors.

Benefit from audits

All our customers operate in regulated markets with their own specific compliance requirements. We help determine which rules and regulations are relevant and make sure that the Schuberg Philis’ processes and measures are certified against the highest international standards.

This approach creates enormous efficiency and control with regards to audit planning. It’s easy to demonstrate, even on the fly, what has been done. This decreases regulatory and compliance burden and allows our customers to actually benefit from audits. Our customers have always complied with their policy objectives regarding the services provided by Schuberg Philis. And the decreased regulatory and compliance burden allows our customers to focus on what’s really important: doing business and running their operation.

Scope of certification

Schuberg Philis is the first outsourcing provider whose ISO 27001:2005 Statement of Applicability (scope of the certification) covers all customer application infrastructures outsourced to Schuberg Philis as part of the audited and certified environment. This means that our customers can state that their dedicated mission critical application infrastructure is ISO 27001:2005 certified. And have peace of mind that their entire infrastructure, not just one or two elements of it, has certified information security. For customers who require a Statement on Auditing Standard 70 (SAS70), Schuberg Philis is capable of providing this in close cooperation with the customer on the specific type and scope.

Compliancy issues and trends

  • Although regulations will differ widely across industries and geographies, compliance requirements will become more demanding and enforcement more stringent over the next few years, which will continue to drive demand for improved IT risk and compliance management
  • Information systems – especially those containing business critical data- are increasingly subject to regulatory requirements
  • For many companies, dealing with the technical consequences of the changes in regulatory requirements is beyond their definition of ‘core business’
  • Through selective outsourcing a more holistic take on compliance processes can liberate the customer from one-off project centric implementations
  • Instead of thinking about solving a discrete compliance problem, implementation of granular IT controls can meet compliance, IT and business goals.

By understanding and addressing these trends and issues, we can build more easily – with customers – an efficient and well-leveraged plan for high profile, high reward, low risk projects in an auditable environment that delivers enormous benefits.


Light & Schuberg Philis
Eneco Energy Trade, a customer since 2006Light & Schuberg Philis
Eneco Energy Trade, a customer since 2006
_
Background photo by Amber OrtolanoBackground photo by Amber Ortolano