monday.com

monday.com is a work OS that powers teams to run processes, projects and workflows in one digital workspace.
  • Website
    https://monday.com
  • Compliance
  • Product Security
  • Data Security
  • Privacy
  • Availability & Reliability
  • Organizational Security
  • Business Continuity
  • Threat Management
  • Subprocessors
  • Compliance

    • CCPA
    • CSA STAR

      monday.com takes part in the voluntary CSA Security, Trust & Assurance Registry (STAR) Self-Assessment to document our compliance with CSA-published best practices.

    • EU-US Privacy Shield
    • Swiss-US Privacy Shield
    • GDPR

      General Data Protection Regulation (GDPR). For the success of our customers and the protection of their personal data.

    • HIPAA

      The Health Insurance Portability and Accountability (HIPAA) act.

    • ISO 27001
      View Certificate

      ISO/IEC 27001:2013 which is the most rigorous global security standard for Information Security Management Systems (ISMS).

    • ISO 27017
      View Certificate

      ISO/IEC 27017:2015 This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

    • ISO 27018
      View Certificate

      ISO/IEC 27018:2014 Establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII)

    • ISO 27032
      View Certificate

      ISO/IEC 27032:2012 provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity, and its dependencies on other security domains.

    • ISO 27701
      View Certificate

      ISO/IEC 27701:2019 This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS)

    • SOC 1 Type II

      Ernst & Young conducted a SOC 1 audit on monday.com, providing a SOC 1 Type II Report following the audit.

    • SOC 2 Type II

      Ernst & Young conducted a SOC 2 audit on monday.com, providing a SOC 2 Type II Report following the audit.

    • SOC 3
      View Report

      Ernst & Young conducted a SOC 3 audit on monday.com, providing a SOC 3 Report following the audit.

  • Product Security

    • Audit Logs
    • Multi-Factor Authentication
      View Instructions
    • Google SSO
    • SAML SSO
  • Data Security

    • Data Encrypted At-Rest
    • Data Encrypted In-Transit
  • Privacy

  • Availability & Reliability

  • Organizational Security

    • Employee Security Training
    • Physical Access Control
  • Business Continuity

    • Disaster Recovery Plan
    • Data Backups
  • Threat Management

  • Subprocessors

    • Name
      Purpose
      Location
      Cloud computing provider
      United States
      Content-based firewall
      United States
      Log aggregation and correlation
      United States
      File upload/view services
      United States
      Cloud computing provider
      United States
      Error monitoring
      United States
      Error monitoring
      United States
      Email notification services
      United States
      Text notification services
      United States
      Realtime updates
      United Kingdom
      Database platform (hosted on AWS)
      United States
      Email notification services
      United States
      Text notification services
      United States