Komainu Granted ISAE 3402 Type 1 and ISO 27001:2013 Security Certifications
The Digital Asset Custodian continues to set the industry standard for trust and transparency with the latest certifications
Komainu (“the Company”), a regulated digital asset custody services provider built by institutions for institutions, today announced it has secured the ISO 27001:2013 and ISAE 3402 Type 1 certifications, completing the external auditing process. These certifications demonstrate Komainu’s commitment to provide digital asset investors institutional-grade custody solutions which adhere to the highest industry standards for security protocols.
ISO 27001:2013 is a globally recognized information security standard that dictates how companies should manage internal data. Komainu’s systems and controls were externally audited against the ISO27001:2013 framework to ascertain their effectiveness and how they contributed to the security of the Company’s custodian services. ISO27001:2013 is held by only a handful of firms within the digital asset industry, further establishing Komainu as a leading digital asset custody services provider.
The ISAE 3402 Type 1 is a reporting option established by the Association of International Certified Professional Accountants to analyze the suitability of an organization’s controls design. The certification is granted to an organization after undergoing rigorous scrutiny via an independent, third-party audit. The audit was completed through an independent third-party, which granted the ISAE 3402 Type 1 to Komainu. Having controls independently reviewed provides reassurance for institutions working with Komainu that the control infrastructure meets industry standards.
Komainu’s Chief Information Security Officer Andrew Morfill said, “Komainu was established by industry leaders in both the traditional and digital asset markets to provide custody services to financial institutions. These two certifications of our platform’s security and controls through third-party testing is the latest step for Komainu in establishing itself as the go-to provider of institutional-grade custody solutions.”
Komainu’s controls are contained within their Information Security Management System (ISMS), which focuses on continuous improvement across the organization rather than a snapshot of control effectiveness at one particular point. In order to continue holding these high-level certifications the Company has to maintain and improve the comprehensive control environment it has put in place.
Morfill continued, “These certifications demonstrate our commitment to the security of our clients’ data and to providing a custody solution that financial institutions can trust. These certifications serve as a third-party attestation that our controls supporting financial reporting and operations not only meet, but exceed the high standards of financial institutions.”
Previous or next article