Splunk Cloud Platform achieved the International Organization for Standardization’s information security standard 27001 (ISO 27001) certification in December 2015 and continues to update it annually. ISO 27001 is a specification that outlines security requirements for an information security management system (ISMS). Authorized users can access related documentation in the Customer Trust Portal.
Service Organization Controls (SOC) compliance is a standardized framework created by the American Institute of Certified Public Accountants (AICPA). It aims to assess service organizations' internal controls, policies and procedures with a focus on controls that impact financial reporting. Splunk Cloud Platform undergoes annual SOC 1 audits to assure the security, availability, processing integrity, confidentiality, and privacy of applicable data and systems.