Our priority: your security
Software AG’s goal is to provide you with high-quality software and also the best possible security for your daily work. Especially, when using a hosted software service, it’s indispensable that you can rely completely on us.
Cloud information security management system
Securing Software AG Cloud with the highest industry standards
ISO/IEC 27001 is a widely recognized international security standard that specifies security management best practices and comprehensive security controls. The foundation of this certification is the development and implementation of an Information Security Management System (ISMS).
The Software AG Cloud ISMS defines our approach to managing security for cloud services in a holistic, comprehensive manner and provides a suite of information security measures to:
- Protect cloud information assets from unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction
- Proactively identify security risks, prevent, detect and respond to security breaches and violations
- Comply with legal, regulatory and contractual requirements
- Adopt an overarching management process to ensure information security controls meet information security needs on an ongoing basis
Software AG’s implementation of and alignment with ISO 27001 for cloud services demonstrates a commitment to information security at every level of the organization. Software AG is assessed by an independent third-party auditor to validate alignment with the ISO 27001 standard. Compliance with this internationally recognized standard is evidence that the Software AG cloud security program is comprehensive and in accordance with industry-leading best practices. The standard cloud services in scope of the ISO 27001 certification currently include operations for Alfabet, ARIS, webMethods DynamicApps (Agile Edition), webMethods API and webMethods Integration. All other components of Software AG Cloud will be added to the scope of the ISMS during 2019.
Service Organization Controls (SOC) Compliance Reports
SOC Reports are independent third-party examination reports that demonstrate how Software AG achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand Software AG controls established to support operations and compliance.