Solutions

  • Products
  • Use Cases
  • Industries
  • WHITE PAPER
  • HR and IT better together
  • Boost productivity and attract quality talent with great employee experiences.
  • WHITE PAPER
  • Healthcare security 101
  • Drive clinical excellence and improve care outcomes with a connected system.

Platform

  • ANALYST REPORT
  • The value of digital workflows
  • Get apps to market in half the time at a third of cost with higher satisfaction.

Customers

  • SUCCESS NAVIGATOR
  • Your prescription for success
  • Accelerate outcomes with a step-by-step action plan of proven best practices.

Explore

  • VALUE CALCULATOR
  • Live up to your potential
  • Determine the untapped value across your entire business in just 60 seconds.

Your unending trust is our ultimate goal

How ServiceNow delivers secure, scalable, and compliant cloud services

Trust is essential to building a successful partnership

Your confidence in our ability to repel security threats, protect your data, and help you comply with global mandates is essential to our partnership with you. This is why we’ve made significant investments in technology, processes, and expertise to ensure that our cloud services meet your highest standards.

Operations and Availability

Our cloud is designed to exceed your high-availability requirements and always be operational. And our unique, multi‑instance architecture lets you fully customize your cloud services and perform upgrades on your own schedule.

EBOOK

Performance, scalability, and availability

This is an overview of how ServiceNow delivers a true enterprise-grade cloud.

BLOG

What is Real Availability in Your Cloud?

Learn why the way the cloud industry measures availability needs to change.

Security and Assurance

Because your data security is paramount to us, we’ve engineered our cloud services to ensure that your data is secure at all times. And we add new security properties to each release of the Now Platform.

WHITE PAPER

Encryption tech for data protection on the Now Platform

This white paper provides the information needed to select the best solutions based on your security needs.

EBOOK

Performance, scalability, and availability

This is an overview of how ServiceNow delivers a true enterprise-grade cloud.

Privacy and Compliance

We’re committed to giving you full control over your data. We adhere to one of the broadest portfolios of industry standards and we’ll comply with new digital privacy and safety mandates as they evolve.

WHITE PAPER

Complying with GDPR

Learn about the EU’s General Data Protection Regulation and best practices for complying.

OVERVIEW

Qualifying ServiceNow as a vendor

See brief descriptions of the global standards that ServiceNow complies with.

STATEMENT

ServiceNow Privacy Statement

Peruse our privacy practices regarding the collection and use of data obtained via our websites, events, and more.

STATEMENT

ServiceNow Privacy Shield Policy

This is an outline of how we comply with the EU‑US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

FAQ

Data Processing Annex & Data Security Guide Questions

Here are answers to DPA and DSG FAQs about the differences that you may see with our forms.

STATEMENT

Data Processing Addendum

This DPA reflects part of the agreement between ServiceNow and customers regarding the processing of personal data.

STATEMENT

ServiceNow Cookie Policy

The policy describes the information we collect by automated means via the use of data gathering tools.

Certifications

ISO/IEC 27001:2013

Close Event Overlay.
ISO/IEC 27001:2013

The ISO/IEC 27001:2013 certification specifies security management best practices and controls based on the ISO/IEC 27002 best practice guide. It ensures that our information security management system (ISMS) is fine-tuned to keep pace with changes to security threats, essential in the fast-paced world of IT security.

Re-certification is obtained by audit every three years, inclusive of an annual surveillance audit order to prove that ServiceNow:

  • 1. Has designed and implemented a comprehensive ISMS.

  • 2. Has adopted a continuous risk management process to ensure that the appropriate information security controls are in place to meet an evolving threat landscape and risks.

  • 3. Systematically evaluates information security risks appropriately, taking into account several factors, including the impact of company threats and vulnerabilities.

ServiceNow has been an ISO/IEC 27001 certified organization since 2012 and the certificate is available here

ISO/IEC 27017:2015

Close Event Overlay.
ISO/IEC 27017:2015

The ISO/IEC 27017:2015 standard is concerned with the implementation of the cloud-specific information security controls specified in ISO/IEC 27002.

The certification is gained by an annual independent audit and ServiceNow has been an ISO/IEC 27017:2015 certified organization since 2018.

ISO/IEC 27018:2014

Close Event Overlay.
ISO/IEC 27018:2014

The ISO/IEC 27018:2014 is a code of practice based on ISO/IEC 27002 and is concerned with the protection of personally identifiable information (PII) in public clouds in accordance with the privacy principles in ISO/IEC 29100.

The certification is gained by annual independent audit and ServiceNow has been an ISO/IEC 27018:2014 certified organization since 2016.

SSAE 18 SOC 1 and SOC 2 Reports

Close Event Overlay.
SSAE 18 SOC 1 and SOC 2 Reports

The Service Organizational Control (SOC) framework is an attestation that ServiceNow meets the required standard regarding having controls in place to protect the confidentiality, integrity and availability of our customers’ data in the cloud.

  • - SOC 1 focuses on the effectiveness of internal controls that affect the financial reports of customers

  • - SOC 2 evaluates controls that are relevant to availability, integrity, security, confidentiality, or privacy.

ServiceNow is audited annually by a third party and has maintained its SSAE 18 SOC 1 Type 2 attestation since 2011 (SSAE 18 superseded SSAE 16 in 2017). SSAE 18 is aligned with ISAE3402 and replaced the now-deprecated SAS70.

ServiceNow has also undertaken an annual SOC 2 Type 2 attestation since 2013, relevant to security and availability controls listed in the AICPA Trust Services Criteria (TSC).

PinkVERIFY™

Close Event Overlay.
PinkVERIFY™

PinkVERIFY™ ensures that ServiceNow is able to demonstrate that its IT Service Management (ITSM) products are compatible with the Information Technology Infrastructure Library (ITIL) best practices.

ServiceNow is proud to have been the first SaaS vendor to achieve PinkVERIFY™ status on 11 ITIL processes back in 2009 and has continuously evolved and improved its ITSM solutions while maintaining this industry certification.

FedRAMP JAB Moderate Certification (for US government entities)

Close Event Overlay.
FedRAMP JAB Moderate Certification (for US government entities)

ServiceNow is honored to have achieved the U.S. Federal Risk and Authorization Management Program Joint Authorization Board certification (FedRAMP JAB) at the Moderate level. This enables us to accelerate the adoption of our secure cloud solutions by US federal agencies and provides a standardized approach for assessing, monitoring, and authorizing cloud computing products and services under the Federal Information Security Management Act (FISMA).

ServiceNow received its JAB Moderate P-ATO in 2016. The FedRAMP JAB Moderate P-ATO also meets the requirements for DoD Impact Level 2.

DoD Impact Level 2 Certification (for US DoD/IC entities)

Close Event Overlay.
DoD Impact Level 2 Certification (for US DoD/IC entities)

DoD Impact Level 2 Certification facilitates the procurement of ServiceNow products by the US Department of Defense (DoD) and Intelligence Community (IC). It sets out a baseline standard defined by the Defense Information System Agency (DISA) in the Security Requirements Guide (SRG) for cloud computing.

In 2016, ServiceNow obtained its DoD Impact Level 2 (IL-2) certification. The IL-2 standard is based on FedRAMP Moderate controls, as well as addition controls defined by DISA.

Privacy Shield Compliance

Close Event Overlay.
Privacy Shield Compliance

ServiceNow complies with the EU U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework set forth by the United States Department of Commerce with respect to the collection, use, and retention of personal data transferred from the European Union and the United Kingdom, and Switzerland to the United States, respectively. To learn more about the Privacy Shield Framework, please visit the Department of Commerce’s dedicated Privacy Shield website, located here

Multi-Tier Cloud Security Standard for Singapore (MTCS) Level 3

Close Event Overlay.
Multi-Tier Cloud Security Standard for Singapore (MTCS) Level 3

MTCS Level 3 is a certification that ensures that ServiceNow meets standards regarding the confidentiality and integrity of our customers’ data in the cloud for Singapore. It builds upon ISO/IEC 27001 and covers the sovereignty, retention, and availability of data, along with business continuity planning and disaster recovery.

ServiceNow is proud to have achieved MTCS Level 3, the highest level of certification available.

ASD IRAP Certified Cloud Service

Close Event Overlay.
ASD IRAP Certified Cloud Service

Being an ASD IRAP Certified Cloud Service enables ServiceNow to effectively engage with Australian government agencies in order for them to use the Now Platform®. This certification standard is set by the Australian Signals Directorate (ASD) which is an intelligence agency in the Australian government’s Department of Defense.

ServiceNow is proud to have gained ASD Certification in 2017 and has been issued with an ASD Certification Letter and Certification Report accordingly.

Thank You

Thank you for submitting your request. A ServiceNow representative will be in contact within 48 hours.

form close button

Contact Us

I would like to hear about upcoming events, products and services from ServiceNow. I understand I can unsubscribe any time.

  • By submitting this form, I confirm that I have read and agree to the Privacy Statement.