In supporting our mission to empower leaders with the insights they need to better see, understand, and make business decisions, it’s crucial that our customers trust and have confidence in how we protect their data.
We consider compliance instrumental to building and maintaining this trust, and we achieve this through:
- Ensuring that we develop and implement internal processes and policies to meet the requirements of applicable laws and regulations.
- Implementing continuous monitoring of our internal controls, systems, and core infrastructure for alignment with our policies and external requirements.
- Conducting both organization-wide and role-specific training upon new hire and at least annually to ensure compliance with our policies and external requirements.
- Establishing the Trust Services team and program to validate, monitor, and manage ongoing compliance.
- Investing in considerable resources (e.g. maintaining data centers globally) to enable customers in complying with data localization or data residency requirements.
- Validating the effectiveness of our internal controls and practices through third-party attestations (e.g. audits and certifications).
Audits and Certifications
We have considered various internationally recognized certifications to help demonstrate and validate the adequacy of our security and privacy practices, and our approach to protecting your data. We provide our customers with such comfort through several sources, including third-party audits and attestations, certifications, and self-assessments.
|We undergo a System and Organization Controls (SOC) 2 Type II audit annually to offer our customers reasonable assurance on the design and operating effectiveness of our internal control environment. Visier’s SOC 2 Type II Report covers the Security, Availability, and Confidentiality Trust Services categories set forth by the American Institute of Certified Public Accountants (AICPA).
To learn more information about the AICPA and SOC 2, please click here to be directed to the official AICPA website.
|Our SOC 3 report includes an attestation letter from our external auditor that summarizes the results of Visier’s latest SOC 2 audit. The report also provides readers with a high-level overview and understanding of our organizational control environment. You can view the latest Visier SOC 3 report here.
To learn more information about SOC 3, please click here to be directed to the official AICPA website.
|We self-certify to the E.U. – U.S. and Swiss – U.S. Privacy Shield Frameworks and adhere to its requirements. This means we ensure that appropriate notice, choice, limited collection, and security safeguards are in place to protect your data.
To learn more information about these frameworks and to view real-time verification of Visier’s participation, please click here to be directed to the official Privacy Shield website.
|We receive third-party privacy verification through Trustarc to assess and maintain our compliance with the E.U.-U.S. Privacy Shield Program as well as demonstrate our dedication towards upholding industry-established, internationally recognized, privacy principles and standards.
To learn more information about TrustArc and to view real-time verification of Visier’s participation, please click here to be directed to the official TrustArc website.
|Established by the Cloud Security Alliance (CSA), the CSA Security Trust Assurance and Risk (STAR) Program provides a platform and open certification framework for SaaS organizations to assess and validate the security competencies of their internal environment.
As a participant in this program, Visier has completed the CSA Consensus Assessments Initiative Questionnaire (CAIQ) and successfully achieved the CSA STAR Level 1 status. Click here to learn more about our participation or see our responses to the CSA CAIQ on the CSA STAR Registry.