Please Try a Different Browser

You are using an outdated browser that is not compatible with our website content. For an optimal viewing experience, please upgrade to Microsoft Edge or view our site on a different browser.

If you choose to continue using this browser, content and functionality will be limited.

Standards and certifications


A secure network is built on a strong foundation

We believe our customers' trust is something earned, not assumed. Ensuring the integrity of all the data we handle, as well as the security of our global network is at the heart of everything we do. We handle highly sensitive customer information and we take our responsibility to safeguard it very seriously. We make certain our security processes and controls are comprehensive.

We connect the world’s largest companies and government agencies to their thousands of suppliers around the globe, and vice versa. With that in mind, the success of our network begins with its prioritisation of confidentiality, availability and integrity. These values are ingrained in our culture and practices.

ISO 27001

An internationally recognised best practice framework for an information security management system (ISMS) and a suite of activities that governs information security risks.

Read More

ISAE 3402

The International Standard on Assurance Engagements (ISAE) No. 3402. ISAE 3402 was issued by the International Auditing and Assurance Standards Board (IAASB), which is part of the International Federation of Accountants (IFAC). At Tungsten Network, we adopted this standard in 2011.

There are two types of Service Auditor's Reports: Type 1 and Type 2. A Type 1 report describes the company’s description of controls at a specific point in time. A Type 2 report not only includes the company’s description of controls, but also detailed testing of the company’s controls over a minimum six-month period. At Tungsten Network, we have committed to conducting an ISAE 3402 Type 2 audit every year. If you are a customer or a third party with an existing non-disclosure agreement, you can ask your contact at Tungsten Network for a copy of this report.

Read More

Cyber Essentials

Cyber Essentials certifies that cybersecurity protocols and controls are present to protect against cyberattacks.

It is a mandatory accreditation for suppliers of UK Government contracts that involve handling personal information and providing certain ICT products and services. Cyber Essentials enables Tungsten Network to be compliant with the PEPPOL framework.

Read More


The TrustWeaver-Verified service assesses key aspects of European VAT compliance covered by our electronic invoicing services.

It shows that we validate against all local indirect tax and commercial legislation in real-time. The trust mark also shows that our adherence to good practices has been successfully reviewed by TrustWeaver’s experts. Only service providers that have completed the programme can display the TrustWeaver-Verified trust mark on their websites and documentation.

Read More


Government Cloud Computing (G-Cloud) is a UK government programme promoting government-wide adoption of cloud computing. The initiative focuses on cloud computing's capability for economic growth, capitalising on cloud's cost savings and flexibility to create a more efficient, accessible means of delivering services.

The programme requires us to self-certify and supply evidence against the 14 Cloud Security Principles of G-Cloud as part of the G-Cloud Framework on-boarding process quality checks. Any suppliers found maliciously in breach of their assertions can, following investigation by the G-Cloud Authority, be disqualified from the G-Cloud Framework.

We are compliant to the 14 Cloud Security Principles of G-Cloud and have passed the on-boarding process. 14 Cloud Security Principles is available here. Details of our listing in the Digital Marketplace are here.

Read More


PEPPOL (Pan-European Public Procurement Online) enables government organisations and private companies to exchange electronic trading documents over an interoperable, European-wide network.

PEPPOL offers a standardised network connection for electronic ordering, invoicing and shipping.

PEPPOL also enables access to its network through accredited ‘Access Points’. Access Points connect users to the PEPPOL network and exchange electronic documents based on the PEPPOL specifications. Buyers and suppliers are free to choose their preferred single Access Point provider to connect to all PEPPOL participants already on the network. (‘Connect once, connect to all’).

Tungsten Network has been through the accreditation process to ensure we comply with PEPPOL specifications and has been certified as a Certified PEPPOL Access Point.

Read More


The European Commission, 2014/55/EU requires all public administrations to accept paperless billing presented in the specific formats defined in the EN (European Norm).

France has implemented this by creating the Chorus Pro gateway and has mandated a phased approach to its adoption.

  • January 2017 – Chorus mandatory for B2G invoices from Companies with over 5000 staff and earnings of over €2M
  • January 2018 – Expanded to companies with over 250 staff or earnings above €1.5M
  • January 2019 – Includes small and medium-sized companies
  • January 2020 – Micro-enterprises

We are able to deliver invoices in the required format.

Tungsten Network is committed to removing friction from your billing-to-cash cycle and will establish connections to all EU Public Sector Gateways, as and when they are put in place.

Please contact us for more information or advice.

Read More