XM Knowledge Base
Experience Management
Standing up to the toughest security requirements
With digital now being the default way of doing business, the security of customer and employee data is more important than ever. At Qualtrics, we’re continuously improving and expanding our security and compliance certifications to maintain the highest standard of information security for our customers. Our commitment to security and compliance is critical to our leadership in experience management, and we are proud to hold the best-in-class security certifications across regions and industries of any vendor in our category.
Today, Qualtrics is announcing that our platform obtained three new International Organization for Standardization (ISO) certifications. With these new certifications, Qualtrics customers can feel even more confident that their information is protected and rest assured that they are in compliance with laws, regulations, and policies. Qualtrics customers have the best-in-class security controls, frequent risk assessments, enhanced information security, and personally identifiable information (PII) protection.
Specifically, we’ve obtained three new certifications:
- ISO 9001:2015 requires organizations to demonstrate their ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements and aims to enhance customer satisfaction through the effective application of the system.
- ISO/IEC 27017:2015 outlines a code of practice for performing security controls within the cloud. It defines a set of principles, objectives, and business requirements for information handling, processing, storing, communicating, and archiving that an organization has developed to support its operations.
- ISO/IEC 27018:2019 defines a code of practice for the protection of PII in public clouds acting as PII processors. It encompasses commonly accepted control objectives, controls and guidelines for implementing measures to protect PII in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
These certifications are in addition to existing security certifications and attestations including ISO 27001, SOC2 Type II, and FedRAMP Moderate. Qualtrics is also HITRUST certified, which means its technology platform provides customers the tools they need to manage HIPAA compliance.
More than 13,500 organizations trust using the Qualtrics platform to gather responsive, inclusive, and transparent information while protecting the most sensitive data. To learn more about Qualtrics security and compliance, please visit our website.