Trust and Compliance at Qlik

Qlik’s solutions are designed to ensure high performing, highly available global environments through which you can safely and securely analyze your data and share insights. Whether you’re deploying Qlik on-premise, as a SaaS solution, or with a multi-cloud approach, we offer a world-class architecture and experience designed to confidently meet your security, compliance, and privacy needs.

Qlik Cloud Services

Availability status and outage information can be found here:

Check System Status

Qlik has successfully completed a SOC 2 Type 2 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 2 is a rigorous examination by an independent Accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.

SOC 2

Qlik has successfully completed a SOC 3 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 3 is a rigorous examination by an independent Accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.

SOC 3

Read SOC 3 Report

Qlik is ISO 27001 certified, meeting the international standards for implementing an information security management system.

ISO 27001

Read more about Qlik’s ISO 27001 Designation

Security

Security in Qlik is embedded across the company and an integral part of how Qlik develops software. It is designed to cover all facets of security disciplines within the company from software development to SaaS operations to corporate information technology security.

Qlik incorporates leading security technologies and modern open standards to provide users with the confidence that their data and analyses are secure. Additionally, Qlik Cloud Services and its operating infrastructure provide security using a number of methods:

Secure Software Development Lifecycle:

Qlik’s development model follows an adapted implementation of the Scaled Agile Framework (SAFe) and industry best practices for quality assurance. Qlik’s Software Security Office incorporates regular static code analysis, threat modelling, third-party vulnerability scanning, and pen-testing into Qlik’s software development process.

Vulnerability Management:

For security-related incidents, Qlik follows a Responsible Disclosure approach for any vulnerability that rates as High or Critical by our Software Security Office. This approach includes publishing Security Bulletins to our customer and partner portals, collaborating with the reporter of the vulnerability if applicable, creating software fixes as soon as possible, and/or providing mitigation until fixed.

Secure Operations:

Qlik proactively monitors production environments to identify and resolve any vulnerabilities that could compromise data security. Qlik works with independent third parties who perform vulnerability assessments against the infrastructure, platform and applications that make up Qlik’s product portfolio.

Approvals:

Qlik Sense Enterprise is listed on the Air Force Network Integration Center (AFNIC) Evaluated Products List. Qlik Sense Enterprise has approvals to operate (ATO) with the Army, Navy, Air Force and Marine Corps and Defense Agencies.

Accessibility

Qlik is committed to making our data and analytics platform available to everyone, with a world-class experience for users of all abilities. Ongoing product updates and new features ensure all users can fully interact and consume data and visualizations.

Read more about our accessibility standards

Related Resources

Privacy

Data is one of your business’s most critical assets, which is why we treat it with complete confidentiality. Through security- and privacy-by-design software development processes, Qlik ensures our solutions align with the latest data protection and privacy laws around the world, such as GDPR.