MORE

ISO 27001

ISO 27001 is a security management standard that specifies security management best practices and controls based on ISO/IEC 27002:2013 best practice guide. As an ISO/IEC 27001‑certified organization there is a high level of integration between the ISO/IEC 27002:2013 code of practice and the ServiceNow Information Security Management System (ISMS). The ISO 27001 certification validates that ServiceNow:

  • Systematically evaluates our information security risks, taking into account factors including the impact of company threats and vulnerabilities
  • Designed and implemented comprehensive information security controls and risk management practices to address company and architecture security risks 
  • Adopted a continuous risk management process to ensure that the appropriate information security controls are in place to meet an evolving threat landscape and risks

ServiceNow has been an ISO 27001‑certified organization since 2012.