Controls Assurance Reviews - ASAE 3402, GS 007 & SOC Reporting
We provide independent assurance reviews over the controls operated by service organisations - the outsourced providers (custodians, fund administrators, unit registries, payroll processors, IT and cloud providers, investment platforms, and similar) that support our clients' operations and financial reporting.
These engagements are performed under Australian assurance standards ASAE 3402 Assurance Reports on Controls at a Service Organisation, applying GS 007 guidance where the service relates to investment management functions. ASAE 3402 is the Australian equivalent of the international ISAE 3402 standard, which itself aligns closely with the US SOC 1 framework (System and Organization Controls reporting on internal controls relevant to financial reporting). Where clients or their stakeholders require a SOC 2 or SOC 3 style report - covering trust service criteria such as security, availability, processing integrity, confidentiality, or privacy, rather than financial controls - we can scope and deliver reviews consistent with that framework as well.