Rippling obtains ISO/IEC 27001 certification
In this article
Rippling is excited to announce that it has successfully achieved ISO/IEC 27001 certification.
The scope of this audit was company-wide and incorporated all of our products. This gives our customers assurance that Rippling has implemented mature security controls across our entire platform—highlighting our commitment to keeping our customers’ data secure.
ISO 27001 compliance is evidence of Rippling’s continued investment in building a security program that meets global security standards. According to Duncan Godfrey, our Chief Information Security Officer, it validates Rippling’s readiness to support Enterprise customers and ensure the protection of their data:
I’m very proud of the Security Program we are building here at Rippling, and testing it against the high bar of ISO 27001 compliance was an exciting step for us. It shows we are ready to meet the high security expectations of Enterprise customers.
Duncan Godfrey
Chief Information Security Officer at Rippling
What is ISO/IEC 27001?
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) co-published this internationally recognized certification. It defines the requirements for setting up and maintaining an information security management system (ISMS), which is a documented set of policies that govern and protect an organization’s sensitive data. An ISMS acts as the central hub for an information security program. It helps companies identify cyber risks, address security vulnerabilities, and proactively manage any threats by spelling out action plans in the event of a breach.
Rippling’s ISMS is embedded across the entire organization to ensure security is a key pillar of our strategy.
Rippling’s other new security certifications
In addition to ISO/IEC 27001, Rippling has also achieved certifications for ISO/IEC 27018 and CSA STAR Level 2.
Protecting sensitive data is crucial. You’re safe with Rippling.
As an all-in-one HR, IT, and Finance solution, employee data is at the center of everything Rippling does, which is why we go the extra mile to protect this sensitive information. In addition to the new certifications, Rippling is also SOC 1 and SOC 2 compliant and adheres to industry best practices.
Learn more about Rippling’s comprehensive security and data protection features here.
Disclaimer
Rippling and its affiliates do not provide tax, accounting, or legal advice. This material has been prepared for informational purposes only, and is not intended to provide or be relied on for tax, accounting, or legal advice. You should consult your own tax, accounting, and legal advisors before engaging in any related activities or transactions.
Author
The Rippling Team
Global HR, IT, and Finance know-how directly from the Rippling team.
Explore more
Compliance beyond the certifications: How we keep customer data secure
Discover Rippling's journey beyond standard compliance to build a security-first culture that prioritizes customer-focused data protection.
Rippling hires Duncan Godfrey as CISO
Rippling is thrilled to welcome Duncan Godfrey to the team as our new as CISO.
IT security in 2025: Rippling's CISO and IT pro talk data, trends, and tips
Explore insights from our webinar featuring Rippling's CISO and IT pro on the evolving landscape of IT security. Discover key challenges IT leaders face, what they will prioritize in 2025, and why compliance matters. Read more for actionable takeaways.
Founders, keepers: Rippling acquires Fuzzbuzz
We're thrilled to announce the acquisition of Fuzzbuzz, which was co-founded by Forbes 30 Under 30 recipients Andrei Serban and Everest Munro-Zeisberger. The Fuzzbuzz team of six engineers brings years of experience building application security tooling that integrates into developer workflows to find bugs and vulnerabilities before they reach production.
Back to basics: Why the CIS Critical Security Controls are your best defense in 2025
Learn why CIS Critical Security Controls are crucial for cybersecurity in 2025. Rippling CISO Duncan Godfrey shares 5 actionable steps to implement fundamental security measures that protect against common cyber attacks without complexity or high costs.
Top 8 cybersecurity framework list for 2025
Explore the top cybersecurity frameworks for risk management and compliance. Find a list of the best cybersecurity frameworks for your business in 2025.
Rippling achieves “gold standard” SOC 2 type II security certification
Discover how Rippling's SOC 2 Type 2 certification enhances data security, ensuring the highest standards of protection for your business. Learn more.
Rippling hires Brad Armstrong as Senior Vice President, Business and Corporate Development
Rippling is pleased to welcome Brad Armstrong to the Rippling executive team as Senior Vice President, Business and Corporate Development.
See Rippling in action
Increase savings, automate busy work, and make better decisions by managing HR, IT, and Finance in one place.