At LogicGate, we empower our customers to approach risk with confidence. Building and maintaining trust is at the heart of everything we do. As part of our unwavering commitment to our customers, our goal is to provide transparency into our security strategies and processes. Find the latest updates and information on our security, compliance, and privacy strategies below.
We are dedicated to making Risk Cloud® the most secure GRC platform on the market and our priority is keeping your data secure. Developed by GRC experts, Risk Cloud is built with security in mind — embedded with features to enable confidentiality, integrity, and high availability.
We are committed to making Risk Cloud a platform where you can easily meet and maintain your organization’s compliance requirements. Using NIST CSF as a guiding framework, LogicGate supports our customers’ compliance needs by undergoing annual SOC 2 Type II and ISO 27001 audits by reputable third parties and aligning to regulatory frameworks such as GDPR.
We take protecting your data and your customers’ data very seriously. Through safeguards like data encryption at rest and in transit, our “privacy by design” approach leverages industry-standard practices to ensure the confidentiality of your organization’s data while also meeting your organization’s privacy obligations. We never, ever sell your data.
LogicGate is committed to safeguarding our customer's data and operates a Vulnerability Disclosure Program (VDP). Recognizing the essential role of independent security researchers, we invite them to report potential security issues on this page to enhance the safety of our platform.
In addition to supporting customer compliance needs through annual certification of SOC 2 Type II and ISO 27001:2013, LogicGate also participates in the voluntary CSA Security, Trust & Assurance Registry (STAR) Self-Assessment. Our completed CSA Consensus Assessments Initiative Questionnaire (CAIQ) is published on the CSA website.
Explore these articles and blog posts from LogicGate and our InfoSec team.