Our security mindset and posture is continuing to evolve to meet those high standards. It also means we wanted to expand our compliance program – including being ISO 27001:2013 certified since 2017 – by applying for independent recognition for two more security standards.
After all, our customers are important to us. As Workable’s Chief Technology Officer and Chief Information Security Officer, it’s very important to me as well. We want to give you an added level of confidence that Workable is a fully secure organization.
The good news for you is that after being rigorously audited and assessed, we’re proud to say we’re officially ISO 27017:2015 and SOC 2 Type 1 accredited.
ISO 27017:2015 is SaaS-oriented and certifies that we have guidelines for information security controls applicable to the provision and use of cloud services.
SOC 2 type 1
SOC 2 type 1 proves that Workable has designed appropriate controls to provide reasonable assurance that our service commitments and system requirements were achieved based on the AICPA Trust Services Criteria relevant to Security, Availability, and Confidentiality. We will be moving forward with SOC 2 type 2 to further validate the strength of our security controls over time. For more information, check out our documentation on it.
This isn’t just about being able to prove that our tech is safe and secure. It’s also about proving that Workable operates safely and securely – meaning you, your business, and your information are safe and secure when working with us as well.