Trust Centre


VCDM: An Information Security Management System for the cloud

The Visma Cloud Delivery Model (VCDM)  describes our approach to developing, delivering and operating cloud services. It describes aspects of how we should be organized, how we should work (processes) as well as technical requirements and best practices necessary for successful cloud service delivery.

The model is based on a set of core principles and focuses on DevOps and Continuous Delivery. VCDM has the following audit assurance report and certifications:

  • ISAE 3402 Type II
  • ISO 27001

The Visma Security Program and the Visma Architecture and Technology Program are integrated in the Visma Cloud Delivery Model. Our Information Security Management System (ISMS) is certified according to ISO 27001 and it’s audited annually by an independent IT auditor.

In addition, Visma's ability to comply with the ISMS and the Quality Management system  in VCDM is audited by an independent audit company in accordance with ISAE 3402. This comprehensive check is also carried out annually and is summarised in an ISAE 3402 Type II report.

Here you can read more about the security benefits of VCDM and about how VCDM benefits you as a customer.