Financial

T-Systems private cloud meets international ISAE 3402 assurance standard


Johannesburg, 19 Oct 2016
Read time 3min 30sec
Umesh Shookan, IT Audit Lead at TSSA.
Umesh Shookan, IT Audit Lead at TSSA.

In a bold move to provide documented assurance to customers, T-Systems South Africa (TSSA) has undertaken to have its private cloud platform ISAE 3402 audited by reputable audit firm, Deloitte & Touche.

T-Systems South Africa understands the strict audit requirements that companies in South Africa can be held too. These companies are either excluded from sharing in the benefits of cloud or need to undergo onerous audit requirements themselves when running their company workload on cloud platforms. This is in line with the T-Systems South Africa approach of offering solutions that conform to global standards to local customers who would like to run their workloads within South Africa without having to sacrifice on the levels of compliance required.

Umesh Shookan, IT Audit Lead at TSSA, says, "Our independent service provider, Deloitte & Touche, was engaged to report on our Cloud-based Dynamic Services for Infrastructure (DSI) platform throughout the period 1 January 2016 to 30 June 2016."

The ISAE 3402 audit was developed by the International Auditing and Assurance Standards Board (IAASB), to provide an international assurance standard that enables auditors to issue a report for use by ICT service providers and their customers as part of their own annual audits. This report verifies that the general and security controls in place within delivery of an ICT service meet the specified standards.

According to Shookan, TSSA submits to several lengthy audits on its ICT infrastructure and architecture every year, conducted by its customers' auditors. Engaging with an independent firm means that T-Systems South Africa can offer its customers the benefit of a report on which their own auditors can rely. This means the customer can use fewer resources to audit T-Systems' cloud-based solutions themselves - a process which often takes months at a time.

T-Systems hosts their customers' critical production workloads on their private cloud platform which includes ERP solutions like SAP Classic, SAP HANA, Sage ERP, as well as e-mail services where customers are not able to use other popular e-mail services hosted outside of South Africa.

"The ISAE 3402 audit is typically conducted across the traditional physical ICT infrastructure model. However, performing the audit over a cloud environment is a significant shift which requires the auditors to evaluate a platform that could be used for multiple customers who are running critical production workload," says Shookan. "The two-and-a-half-month process has resulted in a report which not only stands as fair and unbiased evidence for our customers that our private cloud, on which we build our DSI Infrastructure-as-a-Service offerings, is secure and well controlled, but that we are also invested in driving best practice within our organisation."

According to Shookan, this audit also serves as a governance check for TSSA to ensure it is striving towards continual compliance and improvement of its services. The report furnished by Deloitte & Touche indicates that the controls tested on T-Systems South Africa's DSI platform have been both suitably designed and effectively operated throughout the audit period and that no exceptions resulted in the failure of any control objectives.

"It is only recently that international ICT players have begun to carry out ISAE 3402 audits on their cloud platforms. Our audit enables our customers in South Africa to run their critical workloads on a platform that meets the audit requirements that enterprise customers expect. To our knowledge, we are one of the first - if not the first - South African ICT company to have its Cloud environment audited in this manner, and we are proud to be able to offer our customers the best assurance and peace of mind in our cloud platform that this audit provides," concludes Shookan.

Deutsche Telekom

Deutsche Telekom is one of the world's leading integrated telecommunications companies with around 151 million mobile customers, 30 million fixed-network lines and more than 17 million broadband lines (as of 31 December 2014). The group provides fixed network, mobile communications, Internet and IPTV products and services for consumers and ICT solutions for business customers and corporate customers. Deutsche Telekom is present in more than 50 countries and has approximately 228,000 employees worldwide. The group generated revenues of EUR 62.7 billion in the 2014 financial year - more than 60% of it outside Germany.

T-Systems

Deutsche Telekom considers the European business customer segment a strategic growth area. Deutsche Telekom offers small, medium-sized and multinational companies ICT solutions for an increasingly complex digital world. In addition to services from the cloud, the range of services is centred around M2M and security solutions, complementary mobile communications and fixed network products, and solutions for virtual collaboration and IT platforms, all of which forms the basis for its customers' digital business models.

With approximately 47 800 employees worldwide, T-Systems generated revenue of around EUR 8,6 billion in the 2014 financial year.

Since the inception of T-Systems in South Africa in 1997, the company has cemented its position as one of the most successful T-Systems companies outside of Europe. A leading ICT outsourcing service provider locally, T-Systems offers end-to-end ICT solutions in both the ICT Operations and Systems Integration markets. Its extensive portfolio of services covers the vertical, horizontal, IT and TC space. T-Systems South Africa's head office is located in Midrand with another major office in Cape Town, and 20 further representative offices in locations throughout southern Africa.

Editorial contacts
Evolution PR Nthabiseng Mokoena (+27) 011 462 0628 Nthabiseng@evolutionpr.co.za
T-Systems Thamsanqa Malinga (+27) 11 254 7400 Thami.Malinga@t-systems.co.za
Have your say
Facebook icon
Youtube play icon