TPM audit

A Third Party Memorandum (TPM) is a statement issued by an independent audit party. The statement relates to the quality of an organization's IT services and controls.
Based on a TPM audit, the independent IT auditor (RE) certifies, through an assurance report, that an organization meets predetermined standards. The results of an audit are reported through a TPM or an ISAE 3402 or SOC 2 statement.

Our TPM audit support

Our organization consists of an enthusiastic team of registered IT auditors (REs). As an independent party, an RE auditor can prepare the third-party statement showing that your business processes are supported by a reliable IT service organization. Even if you are an IT service organization yourself, we can prepare a TPM for you.

Our IT auditors have extensive experience in issuing assurance reports. We can support you with a variety of audits on all known standards frameworks. These include DigiD, ENSIA, SOC 2, ISAE 3402, NEN 7510, ISO27001, PCF and support for the annual audit of auditors (auditing General IT controls).

Benefits of TPM for your organization

  • As an IT service organization, you save on your customers' audit costs, because then you do not have to perform the same audit for every customer with the same web application or web environment.
  • With a TPM statement, you can provide insight into the quality of your organization's IT management organization and services, for both existing and potential customers.
  • You may communicate an assurance report externally for communication and commercial purposes. See our requirements for a SOC 2 statement here.
  • As an ICT service provider, you can use such a statement to demonstrate to your clients that you comply with certain laws & regulations.
  • It is often mandatory for public companies to have a TPM statement for ICT services they purchase and procure.

TPM audit approach 2-Control

  1. Agreeing framework of standards
    In a joint session, the framework of standards to be used is finalized between client and auditor. This also clearly defines the object of investigation so that the scope of the TPM is clear to all parties.

  2. Pre-audit
    We carry out a pre-audit which gives you insight into the state of affairs with regard to the standards framework used.

  3. Audit
    Testing whether the organization complies in design and existence with the set standards and agreements as agreed in accordance with the aforementioned guidelines.

  4. Report
    Preparation of the assurance reports. We issue a specific report per client where required.

For more information about our assistance with a TPM statement, please contact us directly by calling +31(0)76-50 194 70 or leave your details in the contact form below. We will then contact you as soon as possible.


+31 (0) 76-5019470

Please contact us

Do you have any questions or comments about our IT audit services? We are happy to hear from you. Please enter your details in the form below and we will get back to you as soon as possible. You can also contact us directly at the phone number on the left.

Our dedicated team is ready to assist you with any questions or concerns. We strive to provide you with the best service possible.

Fill in our contact form