Security Trust Centre

Overview

Welcome to Culture Amp's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

CCPA

GDPR

ISO 27001

ISO 27001 SoA

LGPD

SOC 2

SOC 3

Documents

ISO 27001

ISO 27001 SoA

SOC 2

SOC 3

Privacy Whitepaper

Pentest Report

GDPR

CAIQv4.0.2

Risk Profile

Third Party DependenceYes

HostingMajor Cloud Provider

Product Security

Audit Logging

Integrations

Product Architecture

Reports

Pentest Report

Self-Assessments

CAIQv4.0.2

Data Security

Access Monitoring

Backups Enabled

Data Erasure

App Security

Responsible Disclosure

Secure Development Training

Vulnerability & Patch Management

Legal

Subprocessors

Cyber Insurance

Data Privacy

Privacy Whitepaper

Access Control

Data Access

Logging

Password Security

Infrastructure

Amazon Web Services

Separate Production Environment

Endpoint Security

Disk Encryption

Endpoint Detection & Response

Mobile Device Management

Network Security

IDS/IPS

Security Information and Event Management

Virtual Private Cloud

Corporate Security

Employee Training

Incident Response

Penetration Testing

Policies

Acceptable Use Policy

Backup Policy

Business Continuity Policy

Security Grades

We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.

Trust Center Updates

Culture Amp SOC2 Type 2 complete. SOC3 Report available.

ComplianceCopy link

Culture Amp SOC2 Type 2 complete. SOC3 Report available for download from our security trust centre.

Published at N/A

Citrix ADC and Citrix Gateway

VulnerabilitiesCopy link

Culture Amp is not impacted by the Citrix Vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467).

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue