Security

With ISAE 3402 Type 2 certification and enterprise-grade controls, we safeguard your business-critical revenue and spending data so you stay compliant, trusted and secure. 

Security is a fundamental element of operations at UpClear.  Robust security is critical to create and maintain the trust of our client partners.  UpClear is committed to protecting your data.

UpClear and BluePlanner are ISAE 3402 Type 2 certified, an independent, third-party audit that validates internal controls to provides assurance that a vendor's internal controls are effective. It's an internationally recognized standard.

The goal of this certification is to provide assurance that the vendor has adequate internal controls in place related to the services they provide, especially services that impact the financial statements of their customers.

The "Type 2" distinction: The key difference between an ISAE 3402 Type 1 and a Type 2 report is the scope and period of the audit. The ISAE 3402 Type 1 Report is a snapshot from a point in time. It assesses the suitability of the design and implementation of the service organization's controls as of a specific date. It confirms that the controls are designed correctly and are in place. The ISAE 3402 Type 2 Report is a more comprehensive and rigorous report. It evaluates not only the design and implementation of controls but also their operating effectiveness over a period of time (typically 12 months).

An auditor performs detailed testing of the controls throughout this period to determine if they actually worked as intended and consistently achieved their objectives. This type of report provides a higher level of assurance to the vendor's clients because it demonstrates that the controls have been functioning effectively over time, not just at a single point.