Security

We protect your data with industry-standard encryption in transit (TLS1.2+) and at-rest (AES 256) with administrative controls to enforce organization-wide protection, such as SAML/SSO with enforced 2FA. To report a ZenGRC security threat or vulnerability, please contact security@zengrc.com.

Reliability

Our GRC platform is designed for high performance and availability. Built on best-in-class core technologies, such as AWS, it scales confidently and securely.

Learn about our subprocessors.

Privacy

Committed to protecting your privacy, we employ industry best practices to allow you to choose where your data is located and prevent it from unauthorized access. ZenGRC is GDPR compliant.

Compliance

Offering the best in GRC solutions, we lead by example to help our customers meet their organization’s compliance needs. ZenGRC undergoes independent SOC2 Type II third-party audits and penetration testing, and we are GDPR compliant.