Certifications Update FY21

Certifications Update FY21

SOC 2

Overview

System and Organization Controls (SOC) Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizations. Refer to the AICPA for further details.

When outsourcing services, it is critical to verify that the service organization has effective internal controls in place. SOC Reports establish trust and confidence in a service organization by providing assurance their internal controls over the systems are designed and operating effectively.

To offer this assurance, Atlassian provides SOC 2 reports relevant to security and availability of the systems Atlassian uses to process users' data and the confidentiality of the information processed by these systems. These reports can be used to evaluate Atlassian systems or products and verify that we meet your requirements from various teams including Security, Compliance, Internal Audit, and Procurement, among others.

What Atlassian Products have SOC 2 Reports?

Atlassian is proud to announce we have obtained updated SOC 2 Type II reports for Jira Cloud (including Automation for Jira), Confluence Cloud, Bitbucket Cloud, Trello, Opsgenie, Statuspage, and Jira Align.

In addition, we have also added Halp and Jira Service Management to our portfolio of SOC 2 Type II reports.

You can download the latest certifications from our Compliance Page: https://www.atlassian.com/trust/compliance.

When are SOC 2 Reports Published?

Atlassian SOC 2 Type II reports are maintained on an annual basis for a rolling 12-month cycle that begins in November and ends in October of the following year. External audits typically occur in November and refreshed reports are usually available prior to 31 December each year. 

Bridge Letters

Bridge letters are used to bridge the “gap” between the end date of the most recently completed SOC report(s) and the date of the bridge letter.

You can download the latest bridge letter from our Compliance Page: https://www.atlassian.com/trust/compliance.

ISO/IEC 27001 and ISO/IEC 27018

Overview

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 164 national standard bodies. ISO brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges.

Atlassian has implemented and is certified with the below ISO standards:

  • ISO/IEC 27001 which outlines and provides requirements for an information security management system (ISMS).

  • ISO/IEC 27018 which is focused on the protection of personally identifiable information (PII) and also supports our GDPR compliance.

What Atlassian Products have ISO/IEC 27001 and ISO/IEC 27018 Certificates?

Atlassian has received ISO/IEC 27001 and ISO/IEC 27018 certification renewals for Jira Cloud (including Automation for Jira), Confluence Cloud, Bitbucket Cloud, Trello, Statuspage, Opsgenie, and Jira Align. Jira Service Management is also now certified to the ISO/IEC 27001 standard and ISO/IEC 27018 standard. The Statement of Applicability (SoA) is available upon request via support.

You can download these certifications from our Compliance Page: https://www.atlassian.com/trust/compliance.

1 comment

Comment

Log in or Sign up to comment
Jimmy Seddon
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 17, 2021

Thanks for sharing the update @Victoria!

TAGS
AUG Leaders

Atlassian Community Events