Certificates

ISO 22301:2012 - Business Continuity Management System

Is the international standard for business continuity management and it specifies requirements for setting up and managing an effective Business Continuity Management System (BCMS).

Euronext Clearing (CC&G) holds Certificate No: IT292997 and operates a Business Continuity Management System which complies with the requirements of ISO 22301:2012 for the following scope:Regulated processes supporting Euronext Clearing’s institutional activities, with a specific focus on CP and Risk Management services.

ISO/IEC 27001:2013 - Information Security Management System

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

Euronext Clearing (CC&G) holds certificate N. IT298300 and operates an Information Security Management System which complies with requirements of ISO/IEC 27001:2013 for the following scope:

The Information Security Management System for regulated processes supporting Euronext Clearing's institutional activities, with a specific focus on CCP and Risk Management services.

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.

Euronext Clearing holds certificate N. IT298300 and operates an Information Security Management System which complies with requirements of ISO/IEC 27001:2013 for the following scope:

The Information Security Management System for regulated processes supporting Euronext Clearing's institutional activities, with a specific focus on CCP and Risk Management services.

ISAE 3402 Type II

Euronext Clearing (CC&G) recently obtained the ‘International Standard on Assurance Engagements (ISAE) 3402 Assurance Reports on Controls at a Service Organisation Type II', a standard for documenting a service organisation's internal controls. ISAE is part of the International Federation of Accountants (IFAC).

What is ISAE 3402?

ISAE 3402 is an assurance standard that was developed to allow public accountants to issue a report for use by user organisations and their auditors. It looks at the controls within a service organisation that are likely to impact or be a part of the user organisation's system of internal control over financial reporting.

Additionally, the ISAE 3402 Assurance Report is issued by independent auditors who are responsible for evaluating the description, design and operational effectiveness of best practice controls.

Verification of the standard refers to a COBIT (Control Objectives for Information and related Technology) that was based on documents presenting CC&G's control system for providing IT services to user organisations.

What does this mean for Euronext Clearing?

The assurance report and the thorough nature of the audit by user organisations has recognised Euronext Clearing as improving the processes of governance and helped to create an increased awareness of the services it provides.