TRUST AND SECURITY AT QLIK

Empowering organizations with solutions they can trust

Trust and Security - Empowering organizations with solutions they can trust

Qlik’s solutions are designed to ensure high performing, highly available global environments through which you can safely and securely integrate your data, analyze your data, and share insights. Whether you’re using our cloud service, deploying Qlik yourself or using a hybrid approach, we offer a world-class architecture and experience designed to confidently meet your security, compliance, and privacy needs.

Security

Security at Qlik is embedded across the company and an integral part of how Qlik develops software. It is designed to cover all facets of security disciplines within the company from software development to SaaS operations to corporate information technology security.

Qlik incorporates leading security technologies and modern open standards to provide users with the confidence that their data and analyses are secure. Additionally, Qlik Cloud and its operating infrastructure provide security using a number of methods.

Security at Qlik

Secure Software Development Lifecycle

Qlik’s development model follows an adapted implementation of the Scaled Agile Framework (SAFe) and industry best practices for quality assurance. Qlik’s Software Security Office incorporates regular static code analysis, threat modeling, third-party vulnerability scanning, and pen-testing into Qlik’s software development process.

Vulnerability Management

For security-related incidents, Qlik follows a Responsible Disclosure approach for any vulnerability that rates as High or Critical by our Software Security Office. This approach includes publishing a Security Bulletin to alert our customers and partners through a blog post, collaborating with the reporter of the vulnerability if applicable, creating software fixes as soon as possible, and/or providing mitigation until fixed.

Secure Operations

Qlik proactively monitors production environments to identify and resolve any vulnerabilities that could compromise data security. Qlik works with independent third parties who perform vulnerability assessments against the infrastructure, platform and applications that make up Qlik’s product portfolio.

Approvals

Qlik Sense® Enterprise is listed on the Cyberspace Capabilities Center’s (formerly Air Force Network Integration Center) Evaluated Products List. Qlik Sense Enterprise has approvals to operate (ATO) with the Army, Navy, Air Force and Marine Corps and Defense Agencies.

Certifications and Accreditations

Qlik Trust and Security: FedRAMP

FedRAMP

FedRAMP Marketplace
Qlik Trust and Security: HIPAA

HIPAA

Qlik has successfully completed a SOC 2 Type 2 + HITRUST CSF Attestation which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls relative to the protection of Personal Health Information subject to US HIPAA Regulatory requirements.

Learn More
Qlik Trust and Security: ISO 27001

ISO 27001:2022

Qlik meets the standards of ISO 27001, an information management security specification for information management systems (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization's information risk management processes.

View Certificate

ISO 27017:2015

Qlik meets the standards of ISO 27017 an information management security specification for information management systems (ISMS) covering cloud security controls for cloud service providers. ISO 27017 is an extension to the ISO 27001 ISMS framework.

View Certificate
Information Security Management System - ISO 27018 - Certified badge

ISO 27018:2019

Qlik meets the standards of ISO 27018, an information management security specification for information management systems (ISMS) covering cloud privacy requirements and security controls for cloud service providers. ISO 27018 is an extension to the ISO 27001 ISMS framework.

View Certificate
Qlik Trust and Security: SOC 1

SOC 1

Qlik has successfully completed a SOC 1 Type 2 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls, reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting.

Qlik Trust and Security: SOC 1

SOC 2 + HITRUST CSF

Qlik has successfully completed a SOC 2 Type 2 + HITRUST CSF Attestation which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC2 is an assessment based on the AICPA Trust Services Principles for Security, Availability, Processing Integrity, Confidentiality, and Privacy. The HITRUST CSF is a widely adopted security and privacy framework across multiple industries. Qlik's compliance and alignment to the applicable SOC2 trust principles and HITRUST CSF criteria is tested via a rigorous examination by an independent accounting firm.

Learn More
Qlik Trust and Security: SOC 1

SOC 3

Qlik has successfully completed a SOC 3 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 3 is a rigorous examination by an independent accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.

Read Report
Qlik Trust and Security: TISAX

TISAX

Qlik has completed the Trust Information Security Assessment Exchange (TISAX) assessment. This standard provides the European automotive industry a consistent, standardized approach to information security systems.

Qlik Trust and Security: StateRAMP

StateRAMP

Learn More
Qlik Trust and Security: TX-RAMP – Level 2

TX-RAMP – Level 2

Qlik Cloud Government has achieved TX-RAMP (Texas Risk and Authorization Management Program) Level 2 Authorization supporting confidential agency data determined to be at the moderate or high impact level. The Texas Department of Information Resources (DIR) provides a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency.

Learn More
Qlik Trust and Security: ITAR

ITAR

Learn More
Qlik Trust and Security: DISA

DISA

Qlik Cloud Government has successfully met the standards for Impact Level (IL) 2 set by DISA (The Defense Information Systems Agency) a U.S. Government Organization that has created and maintains security guidelines for computer systems or networks connected to the DoD (Department of Defense).

Learn More

IRAP

View Assessment Summary

For information on Talend-specific certifications please visit Talend Trust and Security.

Check operational uptimes across all of our global regions

Privacy

Data is one of your business’s most critical assets, which is why we treat it with the utmost care. Through security- and privacy-by-design development processes, Qlik ensures our solutions align with the latest data protection and privacy laws around the world, such as GDPR.

Trust and Security: Privacy at Qlik

Accessibility

Qlik is committed to making our data and analytics platform available to everyone, with a world-class experience for users of all abilities. Ongoing product updates and new features enable users to consume data and visualizations.

ADA Site Compliance badge

Have questions related to security at Qlik?