NAVEX Global is committed to safeguarding your organization's personal data with regular security and privacy controls in place to ensure protection.
ISO 27001 requires that a company examine its security risks, take account of threats and vulnerabilities. From this assessment, it must design and implement a suite of information security controls and adopt an overarching management process to ensure the controls meet the organization's security needs on an ongoing basis. NAVEX Global maintains ISO 27001 at our primary data center.
System & Organizational Controls (SOC) Audits
NAVEX Global has and will maintain an annual SOC 2 Type II, or equivalent, report covering the measures and facilities involved in the provision of its services. This means internal controls are managed and reported on in a standardized way so users understand the controls and audits that are regularly conducted at NAVEX Global.
Standardized Data Questionnaries
To provide visibility to our customers on how we process and use their data, NAVEX Global has designed a standardized data questionnaire with supporting documentation upon request to give you a comprehensive view of how we protect your data.
Encrypted Backup of Customer Data
Backups are stored in an offsite facility through encrypted and secure channels using the latest encryption technologies. Backups are available at all times if there was ever a need to restore data. Our databases, where all customer data is stored, are backed up every six hours and our systems are backed up nightly. During disaster recovery testing we routinely recover systems in under three hours.
For more detail on storage in relation to the specific product or service used by you, as a customer, please contact your account executive or our customer support team.