The value of third-party audits

To demonstrate our commitment to data security, we collaborate with vetted third parties to audit our platform, data security processes, and compliance with global regulations.

These audits hold us accountable and ensure that we are meeting the highest standards for data security and protecting our users’ privacy. Below is a list of all of our current certifications, pledges, and audits, with more on the horizon.

SOC 2 Type 1 Audit

On February 17, 2021, Proctorio completed an independent SOC 2 Type 1 Audit. The signed report confirms that the evaluated system controls provided “reasonable assurance that Proctorio’s service commitments and system requirements would be achieved based on the applicable trust services criteria”.

Read more about this audit on our blog

ISO/IEC 27001:2013 Certification

As of April 23, 2021, Proctorio also achieved an ISO/IEC 27001:2013 certification. This validates that Proctorio’s Information Security Management System (ISMS) received third-party accreditation from the International Standards Organization. This certification was developed to standardize the process for establishing, implementing, operating, monitoring, reviewing, and maintaining an ISMS.

Read more about this certification on our blog


About A-LIGN

Proctorio worked with A-LIGN, an independent third-party auditor, to complete both certification audits. Proctorio also anticipates completing the SOC 2 Type 2 security audit, an internal controls report that verifies how a company safeguards customer data.

Zero-Knowledge Encryption Audit

Using industry-leading tools, techniques, and penetration testing processes, White Oak concluded that Proctorio appropriately implements Zero-Knowledge Encryption and never possesses the encryption keys for the audio/video recordings stored. The audit also concluded that the cryptographic functionality was implemented appropriately using industry standard and vetted algorithms and their implementation libraries.

Data Privacy Compliance Audit

White Oak Security determined that video and audio recordings for exams are stored in the proper geographical regions based on the given partnered institution in accordance with local privacy and security laws. The regions tested include the USA, Canada, the European Union, the Middle East, and Australia.


About White Oak

Proctorio engaged White Oak Security, a leading information security consulting company, to perform a month-long Security Assessment of our software and cloud environment from June 24 to July 24, 2020 to ensure appropriate usage of Zero-Knowledge Encryption and local data security law compliance.

IMS LTI Certification

Proctorio was heavily involved in the development of IMS Global LTI standards and received the IMS LTI certification in January 2020. This means our Learning Integrity Platform passed stringent IMS tests and audits for interoperability, our software’s ability to exchange and utilize data.

IMS TrustED Apps Seal

Proctorio has proudly been awarded the IMS Data Privacy Seal for privacy and data security policies and practices. This seal certifies that an ed-tech application or extension has satisfactorily completed the IMS TrustEd Apps vetting process. The product’s ratings on the IMS TrustEd Apps Rubric are reflective of each application’s or extension’s approach to four key areas: collecting data, maintaining security, sharing data with third parties, and managing advertisements.

Read more about this award on our blog


About IMS Global

IMS is a global provider of these certifications and standards to better assist educational institutions in ensuring that their selected and prospective educational technologies have a plug-and-play ecosystem and seamlessly operate with existing institutional platforms and content. IMS currently hosts 580 institution members across the globe to create, edit, and reframe their standards and certifications to better individual user experiences and the ed-tech industry as a whole.

iKeepSafe

Proctorio has been recognized by The Internet Keep Safe Coalition (iKeepSafe) for meeting the highest data security and privacy standards. The iKeepSafe Coalition reviews education-based software companies to make sure that they are doing everything in their power to keep test-taker information safe. Proctorio was the first remote proctoring software to earn the iKeepSafe certification.

Proctorio’s iKeepSafe certifications include:

Student Privacy Pledge

Proctorio has proudly signed the Student Privacy Pledge and has been a continuous facilitator in discussions, surrounding the increase and improvement of the security of test-taker data and privacy. To be a signatory of the Student Privacy Pledge, Proctorio’s platform and approach to privacy underwent a thorough audit to ensure that we adhere to the Privacy Pledge’s stringent standards.