Yokogawa OK’d for Internal Controls Report

Wednesday, December 9, 2015 @ 10:12 AM gHale

Yokogawa Electric Corporation received a Type 1 report for the reliable provision of cyber security management services.

This report complies with the ISAE3402 international standard and the SSAE16 U.S. standard, which address the adequacy and effectiveness of the internal controls at service organizations.

With the growing threat of cyber attacks, there is a need to strengthen the security of plant production control systems. To help it improve the reliability and value of its services, and ensure the stable operation of systems, Yokogawa obtained an ISAE3402/SSAE16 internal controls report on the service delivery and service support processes supporting the secured remote solution services it offers in markets outside Japan.

Based on an objective evaluation, this report attests to the adequacy and effectiveness of Yokogawa’s internal controls for its secured remote solution services providing users the assurance they need to commission these services without conducting their own audits. In addition, customers can submit the reports for evaluations of service organization internal controls required under regulations such as the U.S. Sarbanes-Oxley Act (SOX), thus reducing their auditing workload.

As a result of the rising use of information technology (IT) and advances achieved through the introduction of Industrial Internet of Things (IIoT) technology in plant operations, operation technology (OT) and IT will become more closely integrated.

This report ends up issued by the auditor of a service organization to the auditors who are responsible for the auditing of the service organization’s clients’ financial statements in order to provide assurances as to the design and implementation of the service organization’s internal controls.

The International Auditing and Assurance Standards Board (IAASB) issued the International Standard on Assurance Engagements (ISAE) 3402 in December 2009. In April 2010, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued the Statements on Standards for Attestation Engagements (SSAE) 16, which is similar to ISAE3402.

There are Type 1 and Type 2 reports: Type 1 evaluates the adequacy of a service organization’s internal controls, while Type 2 evaluates the effectiveness of the implementation of the internal controls over a certain period of time, as well as their adequacy.