AUDIT REPORTS

RESOURCES ON INFORMATION SECURITY

Last modified 31.05.23

Resources to help Information Security and Compliance Professionals understand AskCody's cloud features, and to verify technical compliance and control requirements. Use this ISAE 3000 report to stay current on the latest privacy, security, and compliance-related information for AskCody's Platform and Services.

At AskCody, we are constantly improving our data protection, both in regard to securing the data that is shared with us, as well as complying with the laws and regulations on data protection. 

As part of our promise to provide an enterprise grade platform with the highest security standards implemented, AskCody on a yearly basis perform a third party audit and inspection to verify the compliance of data processing with respect to our DPA, GDPR, our Information Security Policy and all other security and compliance matters in AskCody.

Therefore, an independent third party (BDO) – a state-certified company auditor – has controlled and certified our security measures, our compliance, and more to clarify and document that we have implemented security measures and that those measures work efficiently.

By this we can provide our trusted Customer and Business Partners the assurance they need, that AskCody process data responsibly, so they in turn can assure their users and employees that personal data is handled with care and in compliance with data protection laws (GDPR).

The ISAE 3000 Report is useful to you when it comes to assessing our compliance with your instructions and the data processing agreement that we have entered into with you.

 

UPDATED AND ACHIEVED AUDIT REPORT: ISAE 3000

As regulated in our Data Processing Agreement entered with all client using the AskCody Platform, and as part of promise to providing an enterprise grade platform with the highest security standards, we must on a yearly basis perform a third party audit and inspection to verify the compliance of data processing with respect to the Data Processing Agreement, GDPR, our Information Security Policy, or Secure Development Policy and all other security and compliance matters in AskCody.

Therefore, we have performed a third-party audit and obtained and achieved an ISAE 3000 audit report that ensures that our data security continuously is revised, updated and implemented in accordance with GDPR, data protection laws and policies, and best practices in all levels and aspects of AskCody.

Please request the most recent Independent Auditor’s (by BDO) ISAE 3000 report on the description of the AskCody Platform and related technical and organizational measures and their design relating to processing and protection of personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Danish act on supplementary provisions here.

THE ISAE 3000 REPORT

AskCody is responsible for processing of personal data for our customers, who are Controllers according to the Regulation of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the EU General Data Protection Regulation) and the Danish Act on Supplementary Provisions.

The description in the ISAE 3000 report is intended for AskCody’s customers (Controllers) using the AskCody Platform, and who have a sufficient understanding to consider the description along with other information, including information about controls operated by the Controllers themselves, when assessing whether the requirements of the EU General Data Protection Regulation and the Danish Act on Supplementary Provisions are fulfilled.

By this report, AskCody confirms that the accompanying description presents fairly the AskCody Platform that has processed personal data for Controllers subject to the EU General Data Protection Regulation, and the related technical and organizational measures (controls) for the period June 1st to May 31st each year.

In the report a thorough description of the AskCody Information Security Policy and Rules, our guarantees, processing activities, technical and organizational measures, safety measures, our controls and procedures, and breach procedures are tested and documented.

UNDERSTAND ASKCODY ON DATA PROCESSING AND INFORMATION SECURITY

To understand how Data is processed, stored, handled, and managed, which data types, subject matters and categories is processed, and with what purpose, which security requirements we have implemented for processing these data types and subject matters, and which sub-processers AskCody may use, to deliver our platform and services, we recommend that you visit our Help Center and read our documentation on the topic.