Gen-i’s information security controls assessed by Ernst & Young
Independent assurance provides peace of mind, reduces procurement time and cost
Ernst & Young has independently assessed that Gen-i’s information security controls meet the ISAE 3402 assurance standard, the
international gold standard in management controls assurance. This makes Gen-i the first New Zealand-based ICT provider
to have its information security assured to this standard.
Gen-i GM Enterprise Commercial & Trans Tasman Greg Mikkelsen says the decision to invest in achieving ISAE 3402 assurance was an easy one, as it fits
with Gen-i’s broader commitment to ongoing investment in the things that make a real difference for Gen-i clients.
“Information security is a key concern for New Zealand business and Government in today’s increasingly mobile and data
centric environment. Our clients want to know that their critical and sensitive information is protected by robust,
secure systems and practice.
“Many of our clients undertake their own research or auditing to verify information security compliance as part of their
procurement process, and there are significant time and monetary costs to this.
“By gaining this assurance we can provide our clients with access to an independent report assessing our compliance,
which provides peace of mind while reducing their procurement costs and speeding up their decision making process,” says
In order to achieve the ISAE 3402 assurance, Ernst & Young independently assessed and reported on Gen-i’s information security controls and processes. This process included
a thorough review of Gen-i’s information security policy, and a month long assessment ensuring the company was applying
this policy correctly.
Previously called an SAS70 and also known as SSAE16 in the USA, the ISAE 3402 standard has been adopted by a number of
global ICT providers, including
Google, Amazon Web Services, Microsoft and Rackspace.