Visma IT – Assurance and certifications

This page gives you access to all the certifications and audit assurance reports related to our Visma Centralised Operating Model (VCOM) and the responsible Visma company.

ISAE 3000 / ISAE 3402 Type II, SOC 1
Our existing in-scope customers can order access to these reports by filling in this form.

The ISAE 3402 report covers the controls needed for financial reporting while ISAE 3000 contains the security-related controls. Both cover a 12-month audit period and are issued in January every year.

Our VCOM model and the hosting provider Visma IT are both covered by the following certifications:

ISO 27001:2013

A screenshot of the 27001 certificate.

ISO 27001 contains requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS).

To order the full certificate and the SOA, please fill in this form.

ISO 27018:2014

A screenshot of the 27018 certificate.

ISO 27018 contains commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

To order the full certificate, please fill in this form.

ISO 20000-1:2018

A screenshot of the 20000 certificate.

ISO 20000 contains specific requirements for a service provider to plan, establish, implement, operate, monitor, review, maintain and improve a service management system (SMS), with added requirements including the design, transition, delivery and improvement of services to fulfil agreed service requirements. The standard is closely linked to ISO 9001 (see below) but with deeper focus on customers and their needs.

To order the full certificate and the SOA, please fill in this form.

Visma IT (the Visma company responsible for the data hosting) is certified according to:

ISO 9001:2015

A screenshot of the 9001 certificate.

ISO 9001 is the overall quality assurance standard based on a number of quality management principles including a strong customer focus, process approach and continual improvement.

To order the full certificate, please fill in this form.

ISO 21500:2012

A screenshot of the 21500 certificate.

ISO 21500 is an international standard providing guidance on concepts and processes of project management that are important for performance of projects and programs.

To order the full certificate, please fill in this form.

ISO 14001:2015

A screenshot of the 14001 certificate.

ISO 14001 is an international standard that specifies requirements for an effective environmental management system (EMS), and provides practical tools for companies and organizations of all kinds looking to manage their environmental responsibilities.

To order the full certificate and the SOA, please fill in this form.

A number of Visma products also use services from the Visma IT service catalogue that are covered by ISO certifications. If you have any questions about this, please contact us.