This independent audit verifies the design and implementation of our internal controls for our SupplierSelect and MarketFlow platforms.
Holding ISAE 3000 Type I certification demonstrates our unwavering commitment to providing a secure and reliable environment for our clients. This rigorous audit process provides independent confirmation that our controls are appropriately designed and implemented to safeguard your data and ensure smooth operation.
Our compliance with ISAE 3000 offers our clients a number of significant benefits:
Enhanced security: Our robust internal controls minimise the risk of data breaches and ensure the integrity of your information.
Increased transparency: The ISAE 3000 report offers valuable insights into our security practices, fostering trust and confidence in our services.
Improved compliance: Our adherence to industry best practices helps you meet your own compliance requirements.
Peace of mind: Knowing that your data is protected by a company committed to high security standards allows you to focus on your core business activities.
At Thomas Murray, security is an ongoing process. We are dedicated to continuously evaluating and strengthening our internal controls to maintain the highest standards of data protection and information security.
About the ISAE 3000
ISAE 3000 is a standard issued by the International Auditing and Assurance Standards Board (IAASB). It provides guidelines for assurance engagements other than audits or reviews of historical financial information. This standard is part of a suite of international standards intended to ensure high quality in assurance engagements, promoting confidence and transparency in non-financial information.
Insights
Why Cybersecurity Due Diligence is Critical to Deal Completion
It’s a common story: after months of meticulous financial, operational, and market analysis, a critical finding emerges in the final weeks before deal closure – threatening what seemed like a near-certain transaction with a three-month delay.
DORA Compliance Checklist: Practical Guidance for Q4 and 2026
Our structured, expert-led checklist, will help you to prioritise and demonstrate readiness to supervisors and regulators.
Ransomware at Europe’s Airports: Case for Community-Driven Third Party Risk Management
The recent ransomware attack on Collins Aerospace’s Muse software, which brought chaos to airports across Europe, serves as a stark reminder of a critical gap in how organisations approach Third Party Risk Management (TPRM).
JLR Cyber Attack: What it Means for Private Equity, Credit, and Equity Investments
From the iconic E-Type Jaguar to images of the late Queen driving modern Range Rovers on her estate, JLR has long held a uniquely British place in the national consciousness, even under Tata ownership. The incident has affected the owners of the business, the supply chain, and customers, and offers learnings for the Private Equity (PE) industry.