The gold standard in security certifications

Our Information Security Management System comprises a comprehensive set of policies and controls across People Practices, Operational Procedures and Technical Controls. 

The world’s most secure employee experience app

Trusted by the world’s biggest brands

Certified and Secure

Collaborate with confidence

Our Security Statement

We know based on our close partnerships with some of the world’s largest and most security conscious enterprises that security really does matter. Enterprises of every scale and scope demand that their data is at all times collected, processed and stored securely whilst satisfying all legal, industry and regulatory requirements. In particular, we recognise the significant importance of having transparency around security practices and that 3rd party attestation aligned to the relevant security standards is key to underpinning confidence.

At Workvivo, we prioritise security through our continuous investment in our comprehensive Information Security Management System (ISMS) and, as a company, continuing to maintain our compliance with multiple Globally recognised “Gold Standards” in Security certifications: ISO 27001 and SOC 2.

Workvivo is ISO 27001 certified
We also generate an annual SOC 2 Type 2 report
The Gold Standards in Security certifications

People Practices

Security is central to Workvivo and all of its employees. All employees are aware of their role and related responsibilities within the effective operation of our ISMS and agree to comply with very well defined security policies within their employment contracts.

Security Awareness

Security awareness training is delivered with a regular cadence with specialist detailed training delivered on our secure software engineering processes and enforcing tools to the Product team.

The Workvivo ISMS also comprises a comprehensive set of people policies for on-boarding, off-boarding and around use of all Workvivo devices. 

Operational Procedures 

The Workvivo ISMS comprises a wide variety of documented policies and related operational procedures aligned to the ISO 27001 standard and SOC 2 controls. This is inclusive of the following sample of key policies and procedures: 

Technical Controls

Our compliance with ISO 27001, coupled with the creation of an annual SOC 2 Type 2 report, demands that we continuously continue to invest in a set of layered and integrated technical security controls spanning from Workvivo employee devices into the AWS cloud.

Cloud Based

Workvivo is a cloud solution hosted in AWS and leverages many of the widely proven security services provided by AWS. Testing of all controls and countermeasures is an on-going process.

Workvivo has also contracted with a highly recognized and reputable 3rd party penetration testing organisation to test and create reports against both the Workvivo cloud infrastructure and Workvivo application with a regular cadence. All test reports are available under NDA. 

Workvivo is an ISO 27001 certified organization Download our ISO 27001 certificate here

Audited annually by our AICPA auditor partners, Workvivo makes its SOC 2 Type 2 report available under NDA on an annual basis.

Workvivo customers have assurance that we manage information security according to both of the Gold standards of globally recognised security certifications.

Ready to get started?