TRUST AND SECURITY AT QLIK

Empowering Organizations With Solutions They Can Trust

Two men are working at a desk with a computer screen in an office setting. One man is sitting and focused on the screen, while the other is standing and observing. Plant pots are visible in the background.

Qlik’s solutions are designed to ensure high performing, highly available global environments through which you can safely and securely integrate your data, analyze your data, and share insights. Whether you’re using our cloud service, deploying Qlik yourself or using a hybrid approach, we offer a world-class architecture and experience designed to confidently meet your security, compliance, and privacy needs.

Security

Security at Qlik is embedded across the company and an integral part of how Qlik develops software. It is designed to cover all facets of security disciplines within the company from software development to SaaS operations to corporate information technology security.

Qlik incorporates leading security technologies and modern open standards to provide users with the confidence that their data and analyses are secure. Additionally, Qlik Cloud and its operating infrastructure provide security using a number of methods.

The Cyberspace Capabilities Center emblem of the U.S. Air Force, featuring a circular design with a blue and white graphic in the center and text encircling it on a teal background with node patterns.

Secure software development lifecycle

Qlik’s development model follows an adapted implementation of the Scaled Agile Framework (SAFe) and industry best practices for quality assurance. Qlik’s Software Security Office incorporates regular static code analysis, threat modeling, third-party vulnerability scanning, and pen-testing into Qlik’s software development process.

Vulnerability management

For security-related incidents, Qlik follows a Responsible Disclosure approach for any vulnerability that rates as High or Critical by our Software Security Office. This approach includes publishing a Security Bulletin to alert our customers and partners through a blog post, collaborating with the reporter of the vulnerability if applicable, creating software fixes as soon as possible, and/or providing mitigation until fixed.

Secure operations

Qlik proactively monitors production environments to identify and resolve any vulnerabilities that could compromise data security. Qlik works with independent third parties who perform vulnerability assessments against the infrastructure, platform and applications that make up Qlik’s product portfolio.

Approvals

Qlik Sense® Enterprise is listed on the Cyberspace Capabilities Center’s (formerly Air Force Network Integration Center) Evaluated Products List. Qlik Sense Enterprise has approvals to operate (ATO) with the Army, Navy, Air Force and Marine Corps and Defense Agencies.

Certifications and accreditations

Qlik security artifacts are available to customers from Qlik Security Trust Center.

FedRAMP logo

FedRAMP

FedRAMP Marketplace
HIPAA logo

HIPAA

Qlik has successfully completed a SOC 2 Type 2 + HITRUST CSF Attestation which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls relative to the protection of Personal Health Information subject to US HIPAA Regulatory requirements.

Learn More
ISO 27001 Certified badge

ISO 27001:2022

Qlik meets the standards of ISO 27001, an information management security specification for information management systems (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization's information risk management processes.

View Certificate
ISO 27017 Certified badge

ISO 27017:2015

Qlik meets the standards of ISO 27017 an information management security specification for information management systems (ISMS) covering cloud security controls for cloud service providers. ISO 27017 is an extension to the ISO 27001 ISMS framework.

View Certificate
ISO 27018 Certified badge

ISO 27018:2019

Qlik meets the standards of ISO 27018, an information management security specification for information management systems (ISMS) covering cloud privacy requirements and security controls for cloud service providers. ISO 27018 is an extension to the ISO 27001 ISMS framework.

View Certificate
AICPA SOC badge

SOC 1

Qlik has successfully completed a SOC 1 Type 2 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls, reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting.

AICPA SOC badge

SOC 2 + HITRUST CSF

Qlik has successfully completed a SOC 2 Type 2 + HITRUST CSF Attestation which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC2 is an assessment based on the AICPA Trust Services Principles for Security, Availability, Processing Integrity, Confidentiality, and Privacy. The HITRUST CSF is a widely adopted security and privacy framework across multiple industries. Qlik's compliance and alignment to the applicable SOC2 trust principles and HITRUST CSF criteria is tested via a rigorous examination by an independent accounting firm.

Learn More
AICPA SOC badge

SOC 3

Qlik has successfully completed a SOC 3 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 3 is a rigorous examination by an independent accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.

Read Report
TISAX logo

TISAX

Qlik has completed the Trust Information Security Assessment Exchange (TISAX) assessment. This standard provides the European automotive industry a consistent, standardized approach to information security systems.

StateRAMP logo

StateRAMP

Learn More
TX-RAMP logo

TX-RAMP – Level 2

Qlik Cloud Government has achieved TX-RAMP (Texas Risk and Authorization Management Program) Level 2 Authorization supporting confidential agency data determined to be at the moderate or high impact level. The Texas Department of Information Resources (DIR) provides a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services that process the data of a state agency.

Learn More
ITAR logo

ITAR

Learn More
DISA logo

DISA

Qlik Cloud Government has successfully met the standards for Impact Level (IL) 2 set by DISA (The Defense Information Systems Agency) a U.S. Government Organization that has created and maintains security guidelines for computer systems or networks connected to the DoD (Department of Defense).

Learn More
irap logo

IRAP

View Assessment Summary

For information on Talend-specific certifications please visit Talend Trust and Security.

Check operational uptimes across all of our global regions

Privacy

Data is one of your business’s most critical assets, which is why we treat it with the utmost care. Through security- and privacy-by-design development processes, Qlik ensures our solutions align with the latest data protection and privacy laws around the world, such as GDPR.

Hands typing on a laptop with cybersecurity icons, including locks and related symbols, superimposed over the image.

Accessibility

Qlik is committed to making our data and analytics platform available to everyone, with a world-class experience for users of all abilities. Ongoing product updates and new features enable users to consume data and visualizations.

ADA Site Compliance logo featuring an eagle and a wheelchair symbol within a blue and gold circular border.

Responsible AI

We believe AI can only be effectively developed and used with confidence within its ethical foundations. Through our Principles for Responsible AI and AI Governance, Qlik aims to help customers mitigate the risk, embrace the complexity, and scale the impact of AI in their organizations.

A central icon of a brain connected to circuits, representing AI, is surrounded by three smaller icons: a person in a suit, a gear being held by a hand, and a check mark. All icons are encased in circles on a white background.

Have questions related to security at Qlik?