ProjectWise Hosting Services - KB - What certifications are maintained?

The systems and processes that support Bentley Managed Services are ISO/IEC 27001:2013 certified. ISO/IEC 27001:2013 is one of the most widely recognized information security standards. Compliance with ISO/IEC 27001:2013 is certified by A-LIGN, an ANAB accredited ISO 27001 certification body. View the Bentley Managed Services ISO/IEC 27001:2013 certificate and the current ISO/IEC 27001:2013 Statement of Applicability.

ISO 27001:2013 surveillance audit completed: October 26, 2016. A-LIGN conducted the surveillance audit from the Company’s corporate facility in Exton, Pennsylvania. A-LIGN conducted on-site audit procedures including interviews of key personnel, observation of processes and controls, review of documentation, and analysis of documentation of audit findings during the site visits.

Government Cloud (G-Cloud) is a UK government initiative to promote government-wide adoption of cloud computing. The G-Cloud framework is an agreement between the government and suppliers who provide cloud-based services. The Crown Commercial Service (an agency that works to improve commercial and procurement activity by the government) awarded Bentley Systems International Limited G-Cloud 9 status for the following cloud software offerings and associated Implementation and Success Plan services: Bentley Connected Data Environment (CDE), AssetWise CONNECT Edition, ProjectWise CONNECT Edition, and Comply

Bentley CONNECT Cloud Services are designed to keep user data secure with enterprise grade security, which is demonstrated with the granting of a SOC2 Type I and a Type II report by a certified AICPA auditing body. Bentley CONNECT Cloud Services are audited annually against the SOC reporting framework by qualified independent computer-security auditors. The scope of audit for Bentley CONNECT Cloud Services covers controls applicable to in-scope trust principles for each service. In general, the availability of these reports is restricted to customers who have signed non-disclosure agreements with Bentley.

Bentley complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the transfer and use of personal information from the European Union to the United States. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

For additional information, please see the Bentley Trust Center.