Skip to content

Security Designed to Protect You

Innovation is built on trust; trust starts with transparency. You can trust Apptio to deliver world-class applications while handling your data with the utmost care and security. We design every aspect of our business to deliver on that trust.

Apptio’s Information Security team, Legal department, and Internal Compliance/Audit department all work together to ensure that industry best security practices are met. Apptio’s Software-as-a-Service (SaaS) environment follows stringent guidelines to protect the confidentiality, integrity, privacy, and availability of your data.

Compliance and Certifications

We also work with independent auditors and penetration testers to validate that Apptio has the appropriate security controls in place to protect customer data entrusted to us.


SOC2 Type II Report and SOC3 Report

System and Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how Apptio achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the Apptio controls established to support operations and compliance. Apptio cloud services have been successfully audited in accordance with AT 101 and the Trust Services Principles for design and operational security. To learn more about the AICPA and the SOC standards, see the following link:

For a copy of our SOC3 report, click on the link below:
Download Apptio's SOC3 Report


ISO27001:2013 Certification

Apptio is ISO27001:2013 certified and is aligned with all associated requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). This alignment ensures that Apptio cloud services have the requisite and appropriate security controls and management program in place as defined in the ISO/IEC 27001 standard.

Download Apptio's ISO27001:2013 Certificate


FedRAMP Certification

Apptio is one of a select group of SaaS providers who have received FedRamp certification under the Joint Authorization Board (JAB) Authorization to Operate (ATO). Apptio’s FedRAMP environment provides a continental United States (CONUS)-based and dedicated infrastructure (facilities, servers, databases, networking devices) for Federal Government agencies subscribing to our SaaS Technology Business Management (TBM) solutions.

Learn more about FedRamp certification


Cloud Security Alliance – STAR Level One Certification

Our Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) response details how Apptio cloud services fulfill the security, privacy, compliance, and risk management requirements defined in the CSA CCM version 3.0.1.

See our Cloud Security Alliance Certification


General Data Protect Requirements (EUGDPR)

Apptio meets the compliance requirements for the EU GDPR. Four years after the overhaul of European data protection laws began, the final text of the new General Data Protection Regulation (EU GDPR) was approved in Spring 2016 and the new rules came into effect on May 2018. The rights of EU citizens to control their personal details is respected by Apptio.

Learn more about the EUGDPR


California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA), enacted in 2018, creates new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. Apptio complies with the California Consumer Privacy Act. Apptio provides additional rights to California Consumers which are fully set out in our privacy policy and in the agreements we put in place with our Vendors and our Customers. The rights of California Consumers to control their personal details is respected by Apptio.

Learn more about the CCPA


EU-US Privacy Shield

Apptio complies with the EU-U.S. Privacy Shield Framework as set forth and certified to the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.

See our Privacy Shield certification


ITIL Alignment

Apptio adheres to ITIL principles and practices for managing and supporting our SaaS environment. Leveraging process automation and other ITIL best practices, we are well-positioned to enforce IT service management for our cloud services and customers.

Learn more about ITIL-ISO 20000

Get Started

Whether you need help analyzing the true cost of the cloud, optimizing your technology spend, or communicating IT's value to the business, Apptio can help.

Our site uses cookies. By continuing to use our site, you are agreeing to our cookie policy.

Accept & Close