Yokogawa Electric Corporation announces that it has received a Type 1 report* on the internal controls that it employs in the provision of production control system secured remote solution services at its customers' plants. This report complies with the ISAE3402 international standard and the SSAE16 U.S. standard, both of which address the adequacy and effectiveness of the internal controls at service organizations.
With the growing threat of cyber-attacks, there is an urgent need to strengthen the security of plant production control systems. In addition to control systems, Yokogawa provides comprehensive solution services that address its customers’ security needs. Yokogawa designs, constructs, and manages various control system security solutions that make use of information systems infrastructure. To help it improve the reliability and value of these services, and thereby ensure the stable operation of its systems, Yokogawa has obtained an ISAE3402/SSAE16 internal controls report on the service delivery and service support processes supporting the secured remote solution services that it offers in markets outside Japan.
Based on an objective evaluation, this report attests to the adequacy and effectiveness of Yokogawa’s internal controls for its secured remote solution services providing customers the assurance they need to commission these services without conducting their own audits. In addition, customers can submit such reports for evaluations of service organization internal controls that are required under regulations such as the U.S. Sarbanes-Oxley Act (SOX), thus reducing their auditing workload.
As a result of the rising use of information technology and advances that are being achieved through the introduction of Industrial Internet of Things (IIoT) technology in plant operations, it is expected that operation technology (OT) and information technology (IT) will become more closely integrated. With its solid track record in helping companies make optimum use of their control systems, Yokogawa is well positioned to provide services that incorporate cyber-security management and other types of information technology solutions in control systems. Yokogawa will use such evaluations from independent organizations to provide its customers optimum, highly reliable services.
* In compliance with a practical guideline, this report is issued by the auditor of a service organization to the auditors who are responsible for the auditing of the service organization’s clients’ financial statements in order to provide assurances as to the design and implementation of the service organization’s internal controls. As a practical guideline, the International Auditing and Assurance Standards Board (IAASB) issued the International Standard on Assurance Engagements (ISAE) 3402 in December 2009. In April 2010, the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) issued the Statements on Standards for Attestation Engagements (SSAE) 16, which is similar to ISAE3402. There are Type 1 and Type 2 reports: Type 1 evaluates the adequacy of a service organization’s internal controls, while Type 2 evaluates the effectiveness of the implementation of the internal controls over a certain period of time, as well as their adequacy.
Yokogawa's global network of 88 companies spans 56 countries. Founded in 1915, the US$3.5 billion company engages in cutting-edge research and innovation. Yokogawa (yokogawa.com) is active in the industrial automation and control (IA), test and measurement, and aviation and other businesses segments. The IA segment plays a vital role in a wide range of industries including oil, chemicals, natural gas, power, iron and steel, pulp and paper, pharmaceuticals, and food.