AWS is the gold standard for thousands of companies worldwide that rely on its extensive and integrated native security controls.
Browser-Based Web Application
All functionality is accessible from a web browser and any modern browser is compatible.
Servers are replicated and load-balanced across data centers and regions.
AWS data centers use biometric entry authentication and have 24/7 monitoring.
Technology & Security
audit, risk, and ESG compliance posture of organizations.
Security & Compliance Programs
In order to protect our customers and their data, AuditBoard has adopted a formal information security management program that governs software development, infrastructure operation, administration, and delivery of the AuditBoard product application.
AuditBoard maintains an ISO 27001-certified information security program, along with an extensive control environment that is aligned with and regularly assessed against industry standard frameworks such as NIST 800-53, SSAE-18 SOC 2, Cloud Security Alliance STAR, and HIPAA. The AuditBoard application is hosted exclusively on cloud infrastructure that meets FedRAMP moderate impact compliance requirements.
Download ISO 27001 Certificate here.
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
Please See Our CAIQ.
Data Privacy Regulation
AuditBoard offers industry standard Privacy and Information Security terms to all customers.
Use industry standard SAML 2.0 to integrate your corporate directory or identity providers such as Active Directory, OneLogin, Okta, and many others.
Customize password strength requirements, password reuse policies, and failed login attempt limits.
Require users to authenticate with phone-based one-time passwords (OTP) as a second factor.
Limit what networks can access the AuditBoard application.
Use out-of-the-box role-based permissions or create custom roles to restrict what can be viewed and edited — down to the field level.
Strong end-to-end TLS 1.2 encryption protects customer data wherever it is transferred.
All customer files, databases, and backups are encrypted with AES-256 before being written to permanent disk storage.
Your data is protected from loss, manipulation, or corruption by cryptographic hashing controls that enforce versioning and provide secure transactional capabilities.
NIST-compliant data sanitization procedures are employed to securely delete data that has reached the end of its useful life.
All platform components are closely monitored to ensure performance, availability, and security.
Every data change made in the system is recorded against the authenticated user.
Every successful or failed attempt to access your AuditBoard instance is recorded and viewable.
Integrate the Solutions You Depend on Most
Leverage the industry’s most modern platform and extensible integration layer to connect with the other applications your organization uses. Whether you use one of our pre-built integrations or our flexible API, the possibilities are endless.
Continuous Software Updates
Product upgrades that contain new security enhancements as well as the latest software updates are automatically applied.
All product updates undergo strict quality and security assurance testing before being made available for release.
AuditBoard platform security is regularly assessed by third-party penetration testers and security assessors.
Third-Party Vulnerability Disclosures
AuditBoard is committed to protecting its customers and will promptly evaluate and address any reported vulnerabilities.
While we accept third-party disclosures in good faith and without penalty, we do not offer bounties for submissions. You are welcome to submit any findings to email@example.com for review by the appropriate team.
Continuous, real-time backups allow for data recovery at 1-second granularity.
Encrypted full database backups are made daily and stored in encrypted, redundant, and versioned S3 storage.
Resiliency and Redundancy
Uptime is guaranteed by built-in redundancies at the regional, datacenter, hardware, container, and data levels.
All data and files in AuditBoard can be exported in common formats such as CSV.