Learn more about how iCIMS prioritizes information security, privacy and data protection, and compliance across the iCIMS Talent Cloud.
The iCIMS Talent Cloud is built on our commitment to ensuring that strong security, privacy and data protection, and compliance controls are in place to protect our customers. Through our dedicated security, legal, and privacy teams, we are constantly monitoring, adapting, and improving our policies to handle the complexity of a constantly changing world.
iCIMS has a long-standing commitment to information security. We have been ISO 27001 certified since 2014, and we continually strive not only to meet the requirements of the standard but to exceed them. We also align to the NIST 800-171 and NIST 800-53 standards.
We clearly define our security policies and make them available for all customers and prospects to evaluate. We strive for transparency in how we address security and align to the fundamental position that we will never degrade our security policies.
We have a strong security and privacy incident response program in place that is based on NIST 800-61 standards. iCIMS treats all reported potential security events seriously and aligns with legal, regulatory, and contractual requirements to ensure that security incidents are properly addressed.
iCIMS has a dedicated Data Protection Officer (DPO) and privacy team to ensure we can provide the utmost care with regard to matters of data and privacy. Our privacy program aligns with ISO 27701 and takes into consideration laws, regulations, and compliance requirements across the globe. We’re committed to clearly spelling out our privacy program and how we process, gather, use, store, share, secure, retain, and dispose of sensitive and confidential information, including personal data, on behalf of our subscribers and their users.
Maintaining a single source of truth can help protect your enterprise by keeping data safe and processes compliant. iCIMS’ Talent Cloud platform continually meets rigorous privacy and compliance standards and regulations to ensure that your data remains secure, including CCPA and GDPR.
As a proud corporate member of the International Association of Privacy Professionals, we stand with our peers in our commitment to safeguarding our customers’ information.
Our data centers are designed for high availability to protect against disaster. Our disaster readiness plans are tested quarterly to ensure viability.
We are constantly working to improve our security, privacy, and data protection and compliance posture. With this in mind, we are conducting the following additional third-party examinations and certifications:
SOC 2, Type II Audit:
This examination demonstrates iCIMS’ control effectiveness and represents an overview of iCIMS systems and the suitability of the design and operating effectiveness of security and availability controls over a period of time.
This certification is a privacy extension to ISO 27001. This certification will validate the alignment of iCIMS’ privacy program with the standard and verify the proper implementation of a Privacy Information Management System (PIMS). The standard outlines a framework for Personally Identifiable Information (PII) Processors to manage privacy controls to reduce the risk to individual privacy rights.