Swimlane Trust Center
About

Swimlane Trust Center is a public-facing profile that contains compliance certifications/reports we hold, self-assessment questionnaires, internal information security policies, and info about our security team:

Highlights:

  1. Swimlane obtained certification for ISO/IEC 27001: 2022 on June 2nd, 2023. You can download our certificate, report, and Statement of Applicability below. Swimlane passed our ISO27001 surveillance audit on May 7th, 2024 with no non-conformities noted. All of these resources can be viewed and downloaded under the "Audits and Certifications" tab within the "ISO27001" folder.
  2.  Swimlane has completed our most recent SOC 2 Type 2 report covering the period May 3rd, 2023 through May 2nd, 2024. The audit covered the AICPA Trust Service Criteria categories of Security, Availability, Confidentiality, and Privacy. 
  3.  The Swimlane Security Whitepaper 2024 contains our security commitments in one central document. Please find it within the "Additional Documents" section below.
  4.  Swimlane Data Processing Addendum (DPA) is located within the "Additional Documents" section below

Please reach out to our Head of GRC, Jack Rumsey, for additional questions: jack.rumsey@swimlane.com 

Note for GDPR: Jack Rumsey serves as our Data Processing Officer (DPO).

Profile Quick Links
Audits and Certifications (4)
Questionnaires (1)
Additional Documents (38)
Assurance Center
Audits and Certifications  (4)
badge
SOC 2
2 Documents
badge
GDPR
badge
ISO 27001
4 Documents
badge
CSA STAR Level 1
1 Document
Questionnaires  (1)
badge
GDPR Processor Questionnaire
3 Documents
Additional Documents  (38)
Swimlane Security White Paper 2024.pdf
Swimlane SOC2 Type II Report 2024 - Final.pdf
Tevora-Swimlane-CMMI.png
Application and Interface Security Policy 2024.pdf
Audit and Assurance Policy 2024.pdf
BCDR and Resilience Policy 2024.pdf
Breach Notification Policy 2024.pdf
Business Continuity and Disaster Recovery Plan 2024.pdf
Change and Configuration Management Policy 2024.pdf
Code of Conduct.pdf
Data Classification & Handling Policy 2024.pdf
Data Security and Privacy Lifecycle Policy 2024.pdf
Datacenter and Asset Management Policy 2024.pdf
Encryption and Key Management Policy 2024.pdf
Endpoint Devices Policy 2024.pdf
GRC Program Policy 2024.pdf
HR Security Policy 2024.pdf
Identity and Access Management Policy 2024.pdf
Incident Response Plan 2024.pdf
Information Security Policy 2024.pdf
Infrastructure and Virtualization Security Policy 2024.pdf
Internal Audit Methodology 2024.pdf
Interoperability and Portability Policy 2024.pdf
ISMS Risk Assessment and Treatment Policy 2024.pdf
Logging and Monitoring Policy 2024.pdf
Security Incident Management Policy 2024.pdf
Supply Chain Management Policy 2024.pdf
Swimlane Security Awareness Training Outline.pdf
Vendor Management Policy 2024.pdf
Whistleblower Policy.pdf
Acceptable Use Policy 2024.pdf
Swimlane SDLC Process 2024.pdf
Threat and Vulnerability Management Policy 2024.pdf
Developer SAT Outline.pdf
Swimlane Data Processing Addendum 10.17.24.docx
Secure Software Development Framework (SSDF) Policy 2024.docx
Physical Security Policy 2024.pdf
Swimlane SIG Full 9.24.24.xlsx
lightbulb
Assurance Center
info

The Whistic Assurance Center is a summary of information in a profile organized in a way to help you find the information you need efficiently. Use this section to help answer questions on compliance and security posture in different topic areas quickly. (Learn More)

Domains
Sub-domains