I’m very pleased to announce the availability of Harness’ Service Organization Control (SOC) 2 Type II report. Compiled by Schellman, the report documents that the design and operation of Harness’ information security practices, policies, and procedures are suitable to meet the SOC 2 trust services criteria for security, availability, and confidentiality.
You can request the report today by reaching out to a Sales representative, or by contacting trust@harness.io.
As companies continue to rely on service providers to perform activities that are core to their technical operations and business strategy, Harness recognizes the need to demonstrate the highest level of trust and transparency into cloud service providers’ operations, processes, and security posture.
The Type II audit process validates security policies and procedures, and the effectiveness of security programs over a defined period. This independent validation of security controls is crucial for customers in highly regulated industries, and will be a component of our annual audit processes going forward.
In addition to SOC 2 compliance, we also completed annual re-certification to the International Organization for Standardization’s (ISO) information security standard 27001, and added additional controls to comply with standard 27017 (ISO/IEC 27001:2013, ISO/IEC 27017:2015).
The ISO 27000 family of standards is a widely recognized international set of standards detailing best practices for the management of information security and privacy. The best known standard, ISO/IEC 27001:2013, establishes requirements for the effective management of information security controls within an Information Security Management System (ISMS). The ISO/IEC 27017:2015 standard establishes additional requirements for the secure management of cloud services.
ISO 27001 provides internationally recognized assurance that Harness is committed to safeguarding the security of its customers’ data. Harness achieved multi-site certification, covering its primary office locations in San Francisco and Bangalore.
Finally, in addition to ISO 27001 and SOC 2, you can now find our CAIQ on the Cloud Security Alliance registry. Harness and our Security organization are committed to the continuous improvement of our security programs and capabilities. These compliance artifacts are one way to demonstrate our ongoing commitment to help you Get Ship Done with confidence!