Cloud costs
February 8, 2022
min read

Harness Achieves SOC 2 Compliance


I’m very pleased to announce the availability of Harness’ Service Organization Control (SOC) 2 Type II report. Compiled by Schellman, the report documents that the design and operation of Harness’ information security practices, policies, and procedures are suitable to meet the SOC 2 trust services criteria for security, availability, and confidentiality.

You can request the report today by reaching out to a Sales representative, or by contacting  

As companies continue to rely on service providers to perform activities that are core to their technical operations and business strategy, Harness recognizes the need to demonstrate the highest level of trust and transparency into cloud service providers’ operations, processes, and security posture.

The Type II audit process validates security policies and procedures, and the effectiveness of security programs over a defined period. This independent validation of security controls is crucial for customers in highly regulated industries, and will be a component of our annual audit processes going forward.  

In addition to SOC 2 compliance, we also completed annual re-certification to the International Organization for Standardization’s (ISO) information security standard 27001, and added additional controls to comply with standard 27017 (ISO/IEC 27001:2013, ISO/IEC 27017:2015). 

The ISO 27000 family of standards is a widely recognized international set of standards detailing best practices for the management of information security and privacy. The best known standard, ISO/IEC 27001:2013, establishes requirements for the effective management of information security controls within an Information Security Management System (ISMS). The ISO/IEC 27017:2015 standard establishes additional requirements for the secure management of cloud services.

ISO 27001 provides internationally recognized assurance that Harness is committed to safeguarding the security of its customers’ data. Harness achieved multi-site certification, covering its primary office locations in San Francisco and Bangalore.  

Finally, in addition to ISO 27001 and SOC 2, you can now find our CAIQ on the Cloud Security Alliance registry. Harness and our Security organization are committed to the continuous improvement of our security programs and capabilities. These compliance artifacts are one way to demonstrate our ongoing commitment to help you Get Ship Done with confidence!

Download the Checklist

Learn how to connect SEI with your existing tech stack and get insights. How to remove bottlenecks and improve planning and sprint hygiene

Start Free Trial

See our latest feature releases, product improvements and announcements

Request Demo

Sign up for a free 14 day trial and take your software development to the next level

We want to hear from you

Enjoyed reading this blog post or have questions or feedback?
Share your thoughts by creating a new topic in the Harness community forum.

Sign up for our monthly newsletter

Subscribe to our newsletter to receive the latest Harness content in your inbox every month.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.