This independent audit verifies the design and implementation of our internal controls for our SupplierSelect and MarketFlow platforms.
Holding ISAE 3000 Type I certification demonstrates our unwavering commitment to providing a secure and reliable environment for our clients. This rigorous audit process provides independent confirmation that our controls are appropriately designed and implemented to safeguard your data and ensure smooth operation.
Our compliance with ISAE 3000 offers our clients a number of significant benefits:
Enhanced security: Our robust internal controls minimise the risk of data breaches and ensure the integrity of your information.
Increased transparency: The ISAE 3000 report offers valuable insights into our security practices, fostering trust and confidence in our services.
Improved compliance: Our adherence to industry best practices helps you meet your own compliance requirements.
Peace of mind: Knowing that your data is protected by a company committed to high security standards allows you to focus on your core business activities.
At Thomas Murray, security is an ongoing process. We are dedicated to continuously evaluating and strengthening our internal controls to maintain the highest standards of data protection and information security.
About the ISAE 3000
ISAE 3000 is a standard issued by the International Auditing and Assurance Standards Board (IAASB). It provides guidelines for assurance engagements other than audits or reviews of historical financial information. This standard is part of a suite of international standards intended to ensure high quality in assurance engagements, promoting confidence and transparency in non-financial information.
Insights
Why 72 hours is the New Standard for M&A Cyber Due Diligence
A decade ago, cyber due diligence sat somewhere between “nice to have” and “we’ll deal with it post-close.” That world no longer exists.
Thomas Murray Launches Digital Asset Market Information (DAMI)
Thomas Murray, a global leader in risk management, due diligence, and cybersecurity services, is proud to announce the launch of Digital Asset Market Information (DAMI).
Solving the "Scale Paradox": How to Automate Portfolio Oversight with Fewer People
In 2026, private equity technical teams are facing a "Scale Paradox": portfolios are growing in complexity, while in the internal teams responsible for operations and cybersecurity oversight, headcounts remain stagnant.
How Private Equity Hackers Choose Their Targets
Private equity firms sit at the intersection of high-value financial transactions, sensitive deal data, and an expanding portfolio of technology heavy portfolio companies – and it’s this combination that makes PE an attractive target for cyberthreat actors.