March 10th, 2026

Arcplace recertified to ISO 27001 and audited to ISAE 3402 Type II

Arcplace successfully completed the control audit in accordance with ISO 27001:2022. The next recertification is scheduled for 2027. This outcome once again confirms the effectiveness of the Information Security Management System (ISMS) as well as Arcplace’s structured approach to information security risks.

ISO certification in the current version ISO 27001:2022

Arcplace's renewed certification is the result of a long-term commitment to information security.


In addition, as part of Arcplace’s comprehensive risk framework, an ISAE 3402 Type II attestation was once again obtained for selected services—including Arcplace BPO Services, Digital Mailroom and the Invoice Processing Service. This audit demonstrates that the implemented internal control system is effective both in its design and in its operational implementation and, over a defined period, systematically addresses and monitors the relevant risks.

By combining ISO 27001 certification and the ISAE 3402 Type II audit, Arcplace not only creates transparency regarding security, control and processing procedures, but also confirms the continuous fulfillment and ongoing development of international standards. While ISO 27001 ensures the systematic identification, assessment and treatment of information security risks, the ISAE 3402 Type II report demonstrates the appropriateness and operational effectiveness of the internal control system over a defined period. This provides customers—especially those in regulated industries—with a reliable basis for their own risk and compliance assessments when outsourcing document-based services.

“As a specialised service provider that performs IT-enabled services for other companies, the ISAE standard is particularly relevant for Arcplace. In addition to the control objectives and their implementation, the ISAE 3402 Type II report also audits the operating effectiveness of these controls over a defined period. This provides our customers with the information they need for their own internal controls related to outsourced services.”

Joachim Aschoff, Chief Information Security Officer, Arcplace
 

Information security and audited processes

Arcplace operates its services in Switzerland and supports organisations in the digitisation and automation of document-based processes. With audited security and control mechanisms, Arcplace ensures that sensitive information is processed confidentially, traceably and in compliance with regulations.

Arcplace AG

Arcplace AG is a Swiss specialised IT service provider that supports organisations in the digitisation and automation of document-related processes as well as in electronic archiving.

ince its founding in 2006, Arcplace has implemented solutions for over 900 customers across a wide range of industries. Arcplace is a private and independent company with a professional team of more than 80 employees.

Arcplace operates its services using data centres in Switzerland and is certified to the ISO 27001 standard for information security.

Contact:

Arcplace AG
Mühlebachstrasse 54
CH-8008 Zurich
+41 44 501 22 00
sales@arcplace.ch
www.arcplace.ch 

2026 © Arcplace AG | Impressum