In order to protect our customers and their data, AuditBoard has adopted a formal information security management program that governs software development, infrastructure operation, administration, and delivery of the AuditBoard product application.
AuditBoard maintains an ISO 27001-certified information security program, along with an extensive control environment that is aligned with and regularly assessed against industry standard frameworks such as NIST 800-53, SSAE-18 SOC 2, Cloud Security Alliance STAR, and HIPAA. The AuditBoard application is hosted exclusively on cloud infrastructure that meets FedRAMP moderate impact compliance requirements.
John Volles
Director - Security, Privacy, and Trust
AuditBoard's SOC1 + SOC2 reports for the audit period 8/31/23 - 9/1/24 and corresponding bridge letters are available within the Trust Center. We expect that our 2025 SOC reports for the period 8/31/2
Following the reporting of CVE-2025-53770 and CVE-2025-49706, AuditBoard conducted an assessment to determine potential impact. AuditBoard does not use the affected technologies and is not impacted. Do not hesitate to reach out to customer-assurance@auditboard.com with any further questions.
Regards,
AuditBoard Security