To demonstrate our commitment to data security, we collaborate with vetted third parties to audit our platform, data security processes, and compliance with global regulations.
These audits hold us accountable and ensure that we are meeting the highest standards for data security and protecting our users' privacy. Below is a list of all of our current certifications, pledges, and audits, with more on the horizon.
In 2021, Proctorio worked with A-LIGN, an independent, third-party auditor, to complete our SOC 2 Types 1 and 2 (System and Organization Controls) cybersecurity audits. These audits assessed the privacy, confidentiality, security, availability, and processing integrity of our software. Being SOC 2-compliant means Proctorio is designed to keep our users' private data secure.
Read more about this audit on our News page
In June 2024, Proctorio achieved ISO/IEC 27001:2022 certification, an information security certification developed by the International Standards Organization (ISO) and the International Electrotechnical Commission (IEC) to standardize the process for establishing, implementing, operating, monitoring, reviewing, and maintaining an ISMS (information security management system). ISO 27001 focuses on data confidentiality, integrity, and availability and certifies that our ISMS was implemented and managed effectively.
Read more about this certification on our News page
Proctorio achieved ISO 27018:2019 certification in 2022. An extension of our ISO 27001 certification, ISO 27018 provides 25 additional privacy and security controls. This newer certification from the International Standards Organization examines the capacity of Proctorio’s cloud to handle personally identifiable information (PII) and ensures user information and data are protected.
Read more about this certification on our News page
Proctorio worked with A-LIGN, an independent third-party auditor, to complete both certification audits. Proctorio also anticipates completing the SOC 2 Type 2 security audit, an internal controls report that verifies how a company safeguards customer data.
In 2020, Proctorio engaged White Oak Security, a leading information security consulting company, to perform a month-long assessment of our software and the cloud environment. White Oak Security tested regions around the world—including the U.S., Canada, the European Union, Australia, and the Middle East—to confirm that Proctorio's exam audio and video recordings are stored properly, according to local privacy and security laws.
White Oak Security's penetration testing showed Proctorio appropriately implemented cryptographic functionality and end-to-end encryption. Vetted, industry-standard algorithms also confirmed that we never possess the encryption keys for stored exam audio and video recordings, meaning only approved institution representatives can see a test-taker's personally identifiable information (PII).
Proctorio was heavily involved in the development of IMS Global LTI standards and received the IMS LTI certification in January 2020. This means our Learning Integrity Platform passed stringent IMS tests and audits for interoperability, our software's ability to exchange and utilize data.
Proctorio has proudly been awarded the IMS Data Privacy Seal for privacy and data security policies and practices. This seal certifies that an ed-tech application or extension has satisfactorily completed the IMS TrustEd Apps vetting process. The product's ratings on the IMS TrustEd Apps Rubric are reflective of each application's or extension's approach to four key areas: collecting data, maintaining security, sharing data with third parties, and managing advertisements.
Read more about this award on our News page