Learn more about how iCIMS prioritises information security, privacy and data protection, and compliance across the iCIMS Talent Cloud.
The iCIMS Talent Cloud is built on our commitment to ensuring that strong security, privacy and data protection, and compliance controls are in place to protect our customers. Through our dedicated security, legal, and privacy teams, we are constantly monitoring, adapting, and improving our policies to handle the complexity of a constantly changing world.
iCIMS has a long commitment to information security. We have been ISO 27001 certified since 2014 and recently achieved its extension certificate, ISO 27701. The global privacy information and security certification supports compliance with the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other privacy legislation – demonstrating iCIMS’ commitment to upholding the highest standard of data security and protection with the most rigorous processes and systems in place. Additionally, we also align to the NSIT 800-171 and NIST 800-53 standards.
We clearly define our security policies and make them available for all customers and prospects to evaluate. We strive for transparency in how we address security and align to the fundamental position that we will never degrade our security policies.
We have a strong security and privacy incident response programme in place that is based off of NIST 800-61 standards. iCIMS treats all reported potential security events seriously and aligns with legal, regulatory, and contractual requirements to ensure that security incidents are properly addressed.
iCIMS has a dedicated Data Protection Officer (DPO) and privacy team to ensure we can provide the utmost care with regard to matters of data and privacy. Our privacy programme aligns with ISO 27701 and takes into consideration laws, regulations, and compliance requirements across the globe. We’re committed to clearly spelling out our privacy programme and how we process, gather, use, store, share, secure, retain, and dispose of sensitive and confidential information, including personal data, on behalf of our subscribers and their users.
Maintaining a single source of truth can help protect your enterprise by keeping data safe and processes compliant. iCIMS’ Talent Cloud platform continually meets rigorous privacy and compliance standards and regulations to ensure that your data remains secure, including CCPA and GDPR.
As a proud corporate member of the International Association of Privacy Professionals, we stand with our peers in our commitment to safeguarding our customers’ information.
We’re serious about compliance, both for our clients and across our company. All iCIMS data centers adhere to the following levels of compliance and certifications:
SOC1 (SSAE 16), SOC2, and SOC3 compliant
ISO 27001, ISO 27701, ISO 27017, ISO 27018 certified
PCI DSS 3.2 certified
GDPR ready
We are constantly working to improve our security, privacy, and data protection and compliance posture. With this in mind, we have completed the SOC 2, Type II Audit, which demonstrates iCIMS’ control effectiveness and represents an overview of iCIMS systems and the suitability of the design and operating effectiveness of security and availability controls over a period of time.
Our data centers are designed for high availability to protect against disaster. Our disaster readiness plans are tested quarterly to ensure viability.
