Compliance Resources

On this page, we provide you with resources around compliance of Rocket.Chat with industry standards, regulations and best practices. Contact our specialists for further information under security@rocket.chat.

Compliance certifications

ISO 27001 certification

Rocket.Chat is ISO 27001 certified. ISO 27001 is an internationally recognized standard for information security management systems. Our organization is audited on an annual basis by an independent third-party auditor to verify the design and operational effectiveness of the management system.

  • Certificate:

  • Name: ISO 27001 Information Security Management Systems

  • Scope: software development, hosting, app store

  • Statement of applicability (link)

    • contains a list of controls and whether they are applicable or not

  • Certifying body: QMS Certification Services

  • Validity: July 2020 - July 2023

  • Use cases: due diligence, security review, regulatory compliance, internal audit, supply chain audit

Industry-specific resources

Cloud Security Alliance (CSA)

Rocket.Chat has published a pre-filled questionnaire in the STAR-registry of the CSA here. The CSA is a leading organization in the standardization and improvement of security in cloud computing. The Consensus Assessments Initiative Questionnaire (CAIQ) is a self-assessment that is updated on an annual basis.

  • Name: Consensus Assessments Initiative Questionnaire

  • Scope: Rocket.Chat hosted offering

  • Last Update: October 2019

  • Use cases: due diligence, security review

‚Äč