SOC Reports are independent third-party examination reports that provide detailed information and assurance about controls in place at service organizations. Refer to the AICPA for further details.
When outsourcing services, it is critical to verify that the service organization has effective internal controls in place. System and Organization Controls (SOC) Reports establish trust and confidence in a service organization by providing assurance their internal controls over the systems are designed and operating effectively.
To offer this assurance, Atlassian provides SOC 2 reports relevant to the security and availability of the systems Atlassian uses to process users' data and the confidentiality of the information processed by these systems. These reports can be used to evaluate Atlassian and verify that we meet your requirements from various teams including Security, Compliance, Internal Audit, and Procurement, among others.
With the addition of the Jira Align SOC2 Type II and Statuspage SOC2 Type II, Atlassian is proud to announce we have obtained SOC 2 Type II certifications for all of our cloud products: Bitbucket Cloud, Confluence Cloud, Jira Align, Jira Cloud, Opsgenie, Statuspage, and Trello.
You can download the latest certifications from our Compliance Page: https://www.atlassian.com/trust/compliance.
Atlassian SOC 2 Type II reports are maintained on an annual basis for a rolling 12-month cycle that begins in November and ends in October of the following year. External audits typically occur in November and refreshed reports are usually available prior to 31 December each year.
The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 165 national standard bodies. ISO brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges.
Atlassian has implemented and is certified with the below ISO standards:
ISO/IEC 27001 which outlines and provides requirements for an information security management system (ISMS).
ISO/IEC 27018 which is focused on the protection of personally identifiable information (PII).
What Atlassian Products have ISO/IEC 27001 and ISO/IEC 27018 Certificates?
Atlassian has added Jira Align and Statuspage to the ISO/IEC 27001 and ISO/IEC 27018 certifications. Now Bitbucket Cloud, Confluence Cloud, Jira Align, Jira Cloud, Opsgenie, Statuspage, and Trello are all certified to the ISO/IEC 27001 standard and ISO/IEC 27018 standard.
You can download these certifications from our Compliance Page: https://www.atlassian.com/trust/compliance.