Latest news with #ISAE
Business Wire
02-07-2025
- Business
- Business Wire
Wizz Air Tops Major Airline Emissions Rankings
LONDON--(BUSINESS WIRE)--Wizz Air is the world's most emissions-efficient airline in new rankings released today by Cirium, the aviation analytics firm. The Cirium Flight Emissions Review ranks the top 20 airlines globally, through a consistent benchmark for flight emissions. Wizz Air, the Hungary-based ultra-low-cost airline emits an industry low of 53.9 grams of CO₂ per Available Seat Kilometer (ASK)*, followed by Frontier Airlines (54.4 grams) and Pegasus (57.1 grams) according to the report. The rankings provide the aviation industry with verified comparable data on an equal playing field as the sector advances toward Net Zero by 2050 commitments. The rankings performance use Cirium's EmeraldSky platform, which achieved ISAE 3000 Reasonable Assurance from PricewaterhouseCoopers (PwC) and official accreditation from the Rocky Mountain Institute (RMI). Wizz Air, Frontier, and Pegasus Top 3; The Top 20 Major Airlines Ranked by CO2 Emissions/ASK The top 20 Major airlines globally are presented in the corresponding tables. Of note is the performance of Indigo, top in Asia, Volaris, top in Latin America and the Caribbean, and Jetstar, for its performance in Australia. The CO2/ASK Emissions of the World's Largest Airlines Cirium's reporting also ranked the 10 largest airlines in the world by ASK. At the head of the table is Ryanair, followed by Southwest Airlines, and Delta Air Lines. Each of the major U.S. carriers earned spots at the table, while Turkish Airlines, Qatar Airlines and Emirates rounded out a group of primarily long-haul operators. Enabling Fair Comparison Across the Industry 'For the first time, airlines can compare their emissions performance using a consistent, verified methodology,' said Jeremy Bowen, CEO at Cirium. "EmeraldSky provides the industry-standard benchmark that enables fair comparison and meaningful progress tracking." The comprehensive Review analyzed global operations using dual-accredited methodology, with the full report containing extensive findings across: Global Category Rankings showing the top 20 Major airlines and the World's 10 largest airlines by CO₂ per Available Seat Kilometer Regional Performance breakdowns showing which airlines excel on intra-region and inter-region routes Route-Level Improvements identifying specific airport pairs with the greatest efficiency gains Operational Insights revealing how fleet composition, load factors, and route optimization drive performance differences The Review provides comprehensive operational insights that support industry-wide efficiency improvements, offering actionable intelligence for aviation stakeholders committed to sustainability progress. Setting New Industry Transparency Standards EmeraldSky's methodology achieved the highest level of assurance under International Standard on Assurance Engagements through rigorous independent review. The Rocky Mountain Institute's accreditation under the Pegasus Guidelines validates the approach for climate-aligned aviation financing, enabling banks and investors to make informed decisions based on verified emissions data. This standardized approach addresses aviation's fragmented sustainability reporting, where inconsistent methodologies have made meaningful comparisons impossible. The verified benchmark enables airlines to assess their operational efficiency accurately, investors to evaluate performance reliably, and corporations to report Scope 3 emissions with confidence. Quarterly Updates Drive Accountability The Flight Emissions Review will be updated quarterly, tracking performance changes and operational improvements across the industry. With hundreds of data points and detailed analysis across multiple categories, the report provides the most comprehensive view of aviation emissions performance available. Access the Complete Rankings and Analysis The full Flight Emissions Review, including detailed carrier rankings, regional breakdowns, route-specific analysis, and operational insights, is available for download at Notes to Editors * Available Seat Kilometers (ASK) is a metric in the airline industry that represents the total passenger capacity of an airline About Cirium Cirium ® is the world's most trusted source of aviation analytics. The company delivers powerful data and cutting-edge analytics to empower a wide spectrum of industry players. It equips airlines, airports, travel enterprises, aircraft manufacturers, and financial entities with the clarity and intelligence they need to optimize their operations, make informed decisions, and accelerate revenue growth. Cirium ® is part of LexisNexis ® Risk Solutions, a RELX business, which provides information-based analytics and decision tools for professional and business customers. The shares of RELX PLC are traded on the London, Amsterdam and New York Stock Exchanges using the following ticker symbols: London: REL; Amsterdam: REN; New York: RELX.
Engadget
26-06-2025
- Business
- Engadget
ExpressVPN's external auditors confirm no-logs policy as of February
"ExpressVPN never keeps data that could tie you to any online activity," the VPN provider claims on its website. An independent audit from late February supports those claims. Accounting firm KPMG found "reasonable assurance" that the VPN provider's system prevents the logging of user activity. The product is one of Engadget's top VPN picks. The firm's audit put ExpressVPN's TrustedServer system under a microscope. That's the company's RAM-based system. In theory, this approach means user data is wiped with every server reboot. (Doing so would prevent even the possibility of long-term storage.) Some competitors, including NordVPN, also use RAM-based servers. Meanwhile, ProtonVPN counters that properly encrypted hard drives are just as secure. Another counter-argument to RAM-based servers is that they're only as effective if they're rebooted. In theory, a company could run RAM servers for marketing purposes, but then never restart them. That's where audits can help. KPMG has a high level of confidence that the no-logging system functioned as advertised in late February. "Controls provide reasonable assurance that the ExpressVPN TrustedServer does not collect logs of users' activity," KPMG's paper reads. That included "no logging of browsing history, traffic destination, data content, DNS queries or specific connection logs." KPMG's assessment was an ISAE 3000 Type I audit. That means it focused on ExpressVPN's control design and implementation at a specific point in time. (Meanwhile, a Type II audit would have gone farther, testing the effectiveness of those controls over an extended period.) If you aren't familiar, KPMG is one of the Big Four accounting firms. It's a trusted name that corporations shell out big bucks to for audits like this. The assessment looked at several factors. These included documentation reviews, observing the system at work and interviewing ExpressVPN personnel. The audit's conclusion applies "as of February 28, 2025." You can read KPMG's full paper for a more detailed breakdown.
Tom's Guide
26-06-2025
- Business
- Tom's Guide
ExpressVPN reasserts its privacy claims with third no-logs audit
ExpressVPN has completed a third audit of its no-logs policy and TrustedServer system. The provider, one of the best VPNs, is known for its privacy credentials and these were proven in this audit. KPMG LLP examined ExpressVPN's privacy policy and TrustedServer technology and "reasonable assurance" was provided that ExpressVPN does not collect activity or connection logs. A verified no-logs policy is a must-have for the most private VPNs and Windscribe's recent court case proved just how important they are. ExpressVPN says its "technology is engineered so that activity logs and connection logs are never retained." KPMG assessed these claims by examining ExpressVPN's TrustedServer technology and its privacy policy. The assessment was conducted under the globally recognized International Standards on Assurance Engagements (ISAE) (UK) 3000 Type 1. TrustedServer's design means it prevents log collection. No-logging is built into the technology and the process is constantly reviewed. The servers regularly reboot, and any accumulated data is forgotten. KPMG confirmed that no personally identifiable information, such as a user's IP address, is logged on the server, or exported from the server in any way. The firm provided "reasonable assurance" that TrustedServer "does not collect logs of users' activity, including no logging of browsing history, traffic destination, data content, DNS queries, or specific connection logs." No issues were identified. KPMG confirmed the results aligned with ExpressVPN's no-logs policy and users were protected. These claims were true as of 28 February 2025 and KPMG's full assessment report is available to read. ExpressVPN says it makes continuous efforts to validate its privacy promises and regular independent audits are essential for this. "Independent assurance isn't just a checkbox for us – it's fundamental in our efforts towards trust and transparency," said Aaron Engel, Chief Information Security Officer at ExpressVPN. "Having KPMG evaluate our technologies and assess our privacy protections again demonstrates our unwavering commitment to maintaining the highest standards of user privacy protection." Engel added that "by subjecting our systems to rigorous third-party scrutiny, we're not just verifying our current protections – we're establishing a standard for accountability that we hope will raise the bar across the entire VPN industry." ExpressVPN has published 23 third-party audits and it recently commissioned two assessments of its Lightway protocol. Lightway has been remade in Rust to make it even faster and more secure. Cure53 and Praetorian completed the assessments and positive results were found – low-risk findings were immediately addressed by ExpressVPN. The Lightway protocol also fully supports post-quantum encryption, meaning ExpressVPN users can protect their devices with the highest standards of security. We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
Yahoo
14-02-2025
- Business
- Yahoo
NordVPN verifies its no-logs assurance assessment for the fifth time
LONDON, Feb. 14, 2025 (GLOBE NEWSWIRE) -- NordVPN, a leading cybersecurity company, underwent an independent assurance engagement at the end of 2024. Seeking to maintain a high level of trust and transparency, NordVPN commissioned Deloitte Audit Lithuania, one of the market-leading Big Four firms, to conduct an assurance report on the configuration of its IT systems, supporting infrastructure, and no-logs claims. For the fifth time in NordVPN's history, an independent team of researchers verified that the company's no-logs statement is accurate and aligns with its privacy claims. 'The trust we earn from our customers underscores everything we do in the cybersecurity industry. It's a currency that's hard to acquire and one we never take for granted. To maintain that trust, we not only strive each year to innovate and develop world-leading cybersecurity products, but we also fully commit to our promise not to monitor or record our users' online traffic. Having this assurance reaffirmed by independent, globally respected researchers for the fifth time demonstrates that privacy isn't just a buzzword at NordVPN — it's in our DNA,' says Marijus Briedis, CTO at NordVPN. During the engagement process, Deloitte's practitioners interviewed NordVPN's employees and inspected server infrastructure, and technical logs. They had access to NordVPN services from November 18 until December 20, 2024 and reviewed privacy relevant configuration settings and deployment processes of standard VPN, Double VPN, Onion Over VPN, obfuscated servers, and P2P servers. Deloitte Audit Lithuania conducted the assessment in accordance with the International Standard on Assurance Engagements 3000 (Revised) (ISAE 3000), established by the International Auditing and Assurance Standards Board (IAASB) with the aim of examining NordVPN's IT system configuration and management. NordVPN's first independent no-log engagement was completed in 2018, followed by second, third, and fourth assessments in 2020, 2022, and 2023, showing the company's continuous commitment to privacy. The full no-logs assurance engagement report is available to all NordVPN users, after logging in to their Nord Account user control panel. ABOUT NORDVPN NordVPN is the world's most advanced VPN service provider, chosen by millions of internet users worldwide. The service offers features such as dedicated IP, Double VPN, and Onion Over VPN servers, which help to boost your online privacy with zero tracking. One of NordVPN's key features is Threat Protection Pro™, a tool that blocks malicious websites, trackers, and ads and scans downloads for malware. The latest creation of Nord Security, NordVPN's parent company, is Saily — a global eSIM service. NordVPN is known for being user friendly and can offer some of the best prices on the market. This VPN provider has over 6,400 servers covering 111 countries worldwide. For more information, visit More information: brigita@ in to access your portfolio
Associated Press
14-02-2025
- Business
- Associated Press
NordVPN verifies its no-logs assurance assessment for the fifth time
NordVPN, a leading cybersecurity company, underwent an independent assurance engagement at the end of 2024. Seeking to maintain a high level of trust and transparency, NordVPN commissioned Deloitte Audit Lithuania, one of the market-leading Big Four firms, to conduct an assurance report on the configuration of its IT systems, supporting infrastructure, and no-logs claims. For the fifth time in NordVPN's history, an independent team of researchers verified that the company's no-logs statement is accurate and aligns with its privacy claims. 'The trust we earn from our customers underscores everything we do in the cybersecurity industry. It's a currency that's hard to acquire and one we never take for granted. To maintain that trust, we not only strive each year to innovate and develop world-leading cybersecurity products, but we also fully commit to our promise not to monitor or record our users' online traffic. Having this assurance reaffirmed by independent, globally respected researchers for the fifth time demonstrates that privacy isn't just a buzzword at NordVPN — it's in our DNA,' says Marijus Briedis, CTO at NordVPN. During the engagement process, Deloitte's practitioners interviewed NordVPN's employees and inspected server infrastructure, and technical logs. They had access to NordVPN services from November 18 until December 20, 2024 and reviewed privacy relevant configuration settings and deployment processes of standard VPN, Double VPN, Onion Over VPN, obfuscated servers, and P2P servers. Deloitte Audit Lithuania conducted the assessment in accordance with the International Standard on Assurance Engagements 3000 (Revised) (ISAE 3000), established by the International Auditing and Assurance Standards Board (IAASB) with the aim of examining NordVPN's IT system configuration and management. NordVPN's first independent no-log engagement was completed in 2018, followed by second, third, and fourth assessments in 2020, 2022, and 2023, showing the company's continuous commitment to privacy. The full no-logs assurance engagement report is available to all NordVPN users, after logging in to their Nord Account user control panel. ABOUT NORDVPN NordVPN is the world's most advanced VPN service provider, chosen by millions of internet users worldwide. The service offers features such as dedicated IP, Double VPN, and Onion Over VPN servers, which help to boost your online privacy with zero tracking. One of NordVPN's key features is Threat Protection Pro™, a tool that blocks malicious websites, trackers, and ads and scans downloads for malware. The latest creation of Nord Security, NordVPN's parent company, is Saily — a global eSIM service. NordVPN is known for being user friendly and can offer some of the best prices on the market. This VPN provider has over 6,400 servers covering 111 countries worldwide. For more information, visit
