Hi Compass team.
I'd like to install and use this app but the Security&Compliance team in my company asked the below questions. Before I get the answer to this question, I couldn't move forward to install and play with the app.
Will Compass be in scope for the next SOC 2 and ISO assessment that Atlassian will conduct?
thanks,
Gary,
Hi Gary,
First up — thanks for your interest in Compass and for asking after our compliance situation. Always love getting somebody new looking at the product. :)
Great news! We're already certified for both SOC2 and ISO 27001!
Upon checking we've realised that we don't appear in the "Relevant products" sections on either SOC 2 or ISO/IEC 27001:2013 pages, which makes it a bit harder than it should be to find this information. I'm asking if/how we can get included there.
But, if you go to the SOC 2 page and click "Download SOC 2" you'll come to an NDA form and can see that Compass is covered by the Atlassian Platform certificate. Download the cert and there's all the necessary information for Compass covered therein.
ISO is simpler; there's no NDA so just download the certificate and you can see Compass is included.
Hope that covers the requirements from your Security & Compliance team! Please don't hold back with any feedback or asks you have about Compass, we're all ears.
— Andrew
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.