Information Security Certificate

This is to certify that on the date 14th July 2017

Visma Sign v.2846 (Target)

has been assessed by information security professionals of Nixu Corporation and verified to be secure for its intended use as an electronic signing service.

The certification is valid until 14th July 2018.

The target has been approached comprehensively from the hacker perspective by using similar methods and resources that the potential attackers would likely use to attack and compromise this type of information system.

The security controls of the target are verified to be adequate to protect information classified as confidential on the scale public/confidential/secret against attacks sourcing from public Internet.

Based on the assessment, Nixu Corporation hereby confirms that:

Conditions of Issuing

Nixu Corporation is an independent information security expert services company, whose consultants perform over 400 security projects each year for various clients (www.nixu.com). This certificate is not valid if the target is used for any other purpose that it was intended at the time of certification. This certificate is valid for one year from the actual audit. For each major version revision a new audit needs to be performed to uphold the certificate. This or any certificate can not and does not guarantee absolute security. Therefore Nixu Corporation is not liable of any loss or damage in case of security breach.