Compliance
Cognite's Management System (QMS and ISMS) is ISO 9001 and ISO 27001 certified. Cognite and CDF operation and data processing comply with GDPR.
GDPR
Cognite doesn't store any GDPR-sensitive information in Cognite Data Fusion. If the customer chooses to store GDPR-sensitive personal data in Cognite Data Fusion, then Cognite Data Fusion provides the needed mechanisms for the customer to comply with GDPR. The customer can label the data which is GDPR-sensitive and retrieve this data upon request.
ISO 9001
The Cognite Quality Management system (QMS) is certified according to ISO 9001:2015.
ISO 27001
The Cognite Information Security Management system is certified according to ISO 27001. All controls of Annex A in ISO 27001:2013/2017 are included in Cognite's Statement of Applicability. Statement of Applicability is available upon request and under NDA.
SOC 2
Cognite holds a SOC 2® type 2 attestation from a 3rd party independent auditor.
SOC 2® - SOC for Service Organizations is developed by the American Institute of Certified Public Accountants (AICPA) and focuses on Trust Services Criteria.
Learn more: SOC 2® - SOC for Service Organizations: Trust Services Criteria.