Planview adheres to stringent standards / regulations and undergoes independent validation of compliance.
System Organization Control (SOC)
SOC 2 is an attestation report provided by a service auditor to provide controls assurance of an organization’s operational elements including security and confidentiality. Annually, Planview undergoes an audit of its controls for all products and is certified as compliant. A SOC 2 report can be provided upon request with a signed NDA.
ISO / IEC 27001 – Information Security Management System (ISMS)
Planview leverages an ISO certified information security management system to manage sensitive customer information to ensure it remains secure. ISO/IEC 27001 is an internationally recognized framework that incorporates people, processes and systems to develop a robust, risk-based approach to organizational security.
EU General Data Protection Regulation (GDPR)
GDPR went into effect in 2018 and imposes strict requirements related to the way organizations store and process the personal data of EU citizens. As a global company, Planview understands the important link between privacy and customer trust. The appointment and ongoing efforts of a dedicated Data Privacy Officer (DPO) are the basis of increased focus on earning that trust.
Integral to any information security management system is oversight and assessment of the controls within the system. Planview has a dedicated team of auditors who regularly assess these controls for both effectiveness and alignment with company policy and regulatory requirements.
Any system is only as secure as its weakest link. Planview partners with market leading organizations and holds them to very high standards. Data center providers and cloud hosting providers are both SOC 2 and ISO / IEC 27001 certified at a minimum. Additionally, Planview has a robust vendor assessment program to evaluate security and privacy controls when considering new partners.