Governance and Data
Our Governance & Data Responsibility Program ensures that we have robust policies and commitments in place across corporate governance, ESG oversight, ethics and transparency, human rights, responsible sourcing, health and safety, data privacy and security, and risk management.
Corporate Governance and Ethics
Serving the social impact community requires that we uphold the highest governance and ethical standards across our company. We demonstrate our ongoing commitment to operating our business with integrity through corporate governance guidelines, Board committee charters, codes of conduct for employees and partners, and a safe, efficient ethics complaint process.
How we’re doing:
- Added United Airlines Chief Information Security Officer Deneen DeFiore to our board to provide another level of cybersecurity oversight for the company
- Added our Chief Information Security Officer to the company’s disclosure committee to ensure we have the right level of visibility and expertise represented in the event of a security breach
- 100% of employees complete annual training on the Code of Business Conduct and Ethics
Data Privacy and Security
Our customers’ trust is a top priority and is embedded in everything we do. We are committed to providing them with the confidence that their technology and data are secure and continue to make significant investments in our security program.
- Operational security: We leverage the industry standard CIA Triad Model in conjunction with comprehensive industry control frameworks, compliance regulations, privacy requirements, and best practices, including: NIST CSF, PCI DSS, SOC 1, SOC 2, GDPR, and Cloud Security Alliance. We’ve also grown our cybersecurity team by 154% since 2022, and we anticipate continued growth by nearly 40% by end of 2023.
- Product security: Our development teams take part in regular training and use industry-leading tools to build security into our solutions.
- Incident response: We monitor the threat landscape 24/7 in coordination with a third-party firm, routinely test our incident response capabilities and preparedness, and maintain proactive relationships with law enforcement.
- Ongoing landscape analysis: Our dedicated legal counsel continually evaluates upcoming and changing data privacy regulations and provides thought leadership for our customers on the operational impacts of these regulations and compliance requirements.
Learn more about our robust cybersecurity and data privacy practices, or to access our security assessments and audits.
Learn about our other ESG priorities
People and Culture
As we provide essential software for impact, we embrace diverse perspectives and experiences and support employees’ well-being.
Fueling Social Impact
We unleash the potential of the people and organizations who change the world through our essential software and services.