BigID Compliance

Our compliance program includes independent assessments of our products against several industry and regulatory frameworks, including SOC 2, ISO 27001, PCI, and others.

Our Compliance Approach

At BigID, we prioritize compliance with all relevant laws and regulations in the jurisdictions where we operate. We understand the importance of meeting these standards to protect your data.

If you have any questions regarding our compliance practices, you've come to the right place. Our goal is to provide you with clear and concise information to address any concerns you may have.

Certifications and Attestations

ISO 27001

BigID engages a third-party auditor to independently assess our compliance.

SOC 2 + HIPAA

BigID’s SOC 2 Type 2 report covers the Security, Availability, Confidentiality, and Privacy Trust Principles and also includes an assessment against the HIPAA Security Rule.

PCI DSS

BigID engages a third-party auditor to independently assess our compliance.

FIPS 140-2

BigID’s code base has been evaluated by an independent third-party lab to validate compliance with NIST-defined requirements.

Standards and Assessments

SIG

Standardized set of questions designed to collect essential information about an organization's security and privacy practices.

CAIQ

Standardized questionnaire developed by the Cloud Security Alliance (CSA) to gather information about a cloud service provider's security controls and practices.

Software Bill of Materials

A document or inventory that provides a detailed list of all the software components and dependencies used in building a particular software application or system.

Cloud Security Alliance

The first level of certification within the Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) program.
