These reports are designed to meet the needs of users who need assurance about the controls at a service organization relevant to financial controls, operations, and IT and business processes that are tied to their financial reporting. Informatica has successfully achieved SOC 1 Type 2 compliance. This validates that our customers can effectively meet their financial reporting obligations with Informatica Intelligent Data Management Cloud (IDMC) controls. SOC 1 reports can only be distributed to existing customers and their auditors, not prospects. If a service organization’s clients have their financials audited, a SOC 1SM report gives those clients’ auditors assurance that proper controls are implemented, operational, and effective.

If you are a customer, please use your Informatica credential to log in and download the report. If not, please contact Informatica support or your account rep for a copy of the report.

The American Institute for Certified Public Accountants (AICPA) provides specifications for how service organizations report on the internal controls of the services they provide. The reports provide valuable information that users need to assess and address the risks associated with an outsourced service.

These reports are aimed at a broad range of users who require detailed information and assurance about the controls at a service organization. The information details the security, availability, and processing integrity of the systems the service organization uses to process users’ data, as well as the confidentiality and privacy of the information processed by these systems.

Informatica can make available a SOC 2 Type 2 report on the Informatica Cloud Hosting Service (ICHS) environment, the suitability of the design, and the operating effectiveness of controls over time. Use of these reports is restricted and requires an NDA to be in place with Informatica before the reports can be distributed.

If you are a customer, please use your Informatica credential to log in and download the report. If not, please contact Informatica support or your account rep for a copy of the report.

These reports are designed to meet the needs of users who need assurance about the controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy, but do not have the need for or the knowledge necessary to make effective use of a SOC 2® Report. Because they are general use reports, SOC 3® reports can be freely distributed.

Informatica has achieved a U.S. Government FedRAMP Moderate Level Authority To Operate (ATO) under the sponsorship of the Department of State for the Informatica Intelligent Cloud Services (IICS) platform. With this designation, government agencies can now leverage the industry-leading platform within the Government Cloud environment.

Check out our Intelligent Cloud Data Management for Government FedRAMP Requirements data sheet to find out more.

Ready to start your journey now? Contact our Informatica Federal team at fedramp@informatica.com and a member of our team will get back to you within 24 hours.

Informatica has achieved TX-RAMP Level 1 certification. The Texas Risk and Authorization Management Program provides a standardized approach for security assessment, certification, and continuous monitoring of cloud computing services that process the data of Texas state agencies.

Informatica’s information security program governing the ICHS environment has been examined by a qualified third party to determine if the system description is fairly presented and that the information security program governing the ICHS system conforms, as applicable, and is presented in accordance with the requirements of HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health).

The third party has produced a report documenting the process, along with its opinion. Use of these reports is restricted and requires an NDA to be in place with Informatica before the reports can be distributed.

If you are a customer, please use your Informatica credential to log in and download the report. If not, please contact Informatica support or your account rep for a copy of the report.

The EU-U.S. DPF and UK Extension to the EU-U.S. DPF were respectively developed by the U.S. Department of Commerce and the European Commission, and UK Government to provide U.S. organizations with reliable mechanisms for personal data transfers to the United States from the European Union, and United Kingdom while ensuring data protection that is consistent with EU and UK law.

Informatica's software can be deployed/used across industries governed by GxP regulations, notably in sectors like pharmaceuticals and healthcare. However, Informatica's own operations fall outside the purview of GxP regulations. We specialize in crafting solutions to help our Customers adhere to the GxP standards. For example, Informatica's MDM SaaS solution includes functionalities dedicated to data validation, monitoring data quality and managing audit trails – all pivotal elements of GxP compliance requirements.

Moreover, the Informatica GxP letter offers our customers comprehensive assurance that controls covering security, confidentiality and availability principles are in place. It specifically addresses the configuration and utilization of products to ensure alignment with GxP regulations, focusing on its MDM Hosted and MDM SaaS products.

ISO/IEC 27001 is the leading global standard for Information Security Management Systems (ISMS), outlining requirements for establishing, implementing, maintaining, and improving an ISMS. Informatica’s compliance with ISO/IEC 27001 demonstrates its commitment to managing data security risks following international best practices. Additionally, Informatica’s ISMS incorporates ISO/IEC 27017:2015, which provides guidelines and extra controls for securing cloud services, complementing ISO/IEC 27002.

Informatica’s Intelligent Data Management Cloud™ (IDMC) platform has been certified by the EDM Council, following an independent assessment by Projective Group, for meeting the 14 key controls of the EDM Council Cloud Data Management Capabilities (CDMC) framework. The EDM Council is a global association with 25,000 professionals from 360 organizations focused on advancing data management and analytics. Projective Group consults with financial services firms in a rapidly evolving market.

The CDMC framework was developed by the EDM Council’s Working Group, with input from 300+ professionals across 100+ firms. Informatica, a 14-year EDM Council member, helped develop CDMC alongside major cloud providers (AWS, Google Cloud, IBM, Microsoft) and leading financial and tech firms.

John Bottega, EDM Council President, stated, “The CDMC framework sets rigorous global standards to guide cloud adoption. Informatica’s IDMC platform enables secure, efficient cloud migration in line with these standards.”

At Informatica, sustainability is core to our values and operations. Leveraging AI and data-driven insights, we enhance decision-making, reduce our environmental impact, and promote responsible practices. Committed to trusted, accessible data and innovation, we deliver solutions that foster long-term growth and support customers and communities globally.