Rippling and its affiliates do not provide tax, accounting, or legal advice. This material has been prepared for informational purposes only, and is not intended to provide or be relied on for tax, accounting, or legal advice. You should consult your own tax, accounting, and legal advisors before engaging in any related activities or transactions.
Rippling obtains ISO/IEC 27001 certification
![[Blog - SEO Image] Developer](http://images.ctfassets.net/k0itp0ir7ty4/79f7e3ced1c7dcb4574c3235c441b28bcd86780c/b24616ecff8d958cbcffd8109deec2f7/SEO_-_developer.jpg)
In this article
Rippling is excited to announce that it has successfully achieved ISO/IEC 27001 certification.
The scope of this audit was company-wide and incorporated all of our products. This gives our customers assurance that Rippling has implemented mature security controls across our entire platform—highlighting our commitment to keeping our customers’ data secure.
ISO 27001 compliance is evidence of Rippling’s continued investment in building a security program that meets global security standards. According to Duncan Godfrey, our Chief Information Security Officer, it validates Rippling’s readiness to support Enterprise customers and ensure the protection of their data:
I’m very proud of the Security Program we are building here at Rippling, and testing it against the high bar of ISO 27001 compliance was an exciting step for us. It shows we are ready to meet the high security expectations of Enterprise customers.
Duncan Godfrey
Chief Information Security Officer at Rippling
What is ISO/IEC 27001?
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) co-published this internationally recognized certification. It defines the requirements for setting up and maintaining an information security management system (ISMS), which is a documented set of policies that govern and protect an organization’s sensitive data. An ISMS acts as the central hub for an information security program. It helps companies identify cyber risks, address security vulnerabilities, and proactively manage any threats by spelling out action plans in the event of a breach.
Rippling’s ISMS is embedded across the entire organization to ensure security is a key pillar of our strategy.
Rippling’s other new security certifications
In addition to ISO/IEC 27001, Rippling has also achieved certifications for ISO/IEC 27018 and CSA STAR Level 2.
Protecting sensitive data is crucial. You’re safe with Rippling.
As an all-in-one HR, IT, and Finance solution, employee data is at the center of everything Rippling does, which is why we go the extra mile to protect this sensitive information. In addition to the new certifications, Rippling is also SOC 1 and SOC 2 compliant and adheres to industry best practices.
Learn more about Rippling’s comprehensive security and data protection features here.
Disclaimer
Author
The Rippling Team
Global HR, IT, and Finance know-how directly from the Rippling team.
Explore more
Aug 21, 2025
|
5 min
Compliance beyond the certifications: How we keep customer data secure
Discover Rippling's journey beyond standard compliance to build a security-first culture that prioritizes customer-focused data protection.
Aug 21, 2025
|
2 min
Founders, keepers: Rippling acquires Fuzzbuzz
We're thrilled to announce the acquisition of Fuzzbuzz, which was co-founded by Forbes 30 Under 30 recipients Andrei Serban and Everest Munro-Zeisberger. The Fuzzbuzz team of six engineers brings years of experience building application security tooling that integrates into developer workflows to find bugs and vulnerabilities before they reach production.
Aug 21, 2025
|
10 min
IT security in 2025: Rippling's CISO and IT pro talk data, trends, and tips
Explore insights from our webinar featuring Rippling's CISO and IT pro on the evolving landscape of IT security. Discover key challenges IT leaders face, what they will prioritize in 2025, and why compliance matters. Read more for actionable takeaways.
Aug 21, 2025
|
4 min
Back to basics: Why the CIS Critical Security Controls are your best defense in 2025
Learn why CIS Critical Security Controls are crucial for cybersecurity in 2025. Rippling CISO Duncan Godfrey shares 5 actionable steps to implement fundamental security measures that protect against common cyber attacks without complexity or high costs.
Aug 21, 2025
|
2 min
Rippling IT achieves “gold standard” SOC 2 type II security certification
Discover how Rippling's SOC 2 Type 2 certification enhances data security, ensuring the highest standards of protection for your business. Learn more.
Aug 21, 2025
|
7 min
What you need to know about employee data privacy, security, and compliance
Managing employee data is crucial for business operations, legal compliance, and data protection. This guide will help you manage employee data securely.
Aug 21, 2025
|
1 min
Rippling hires Brad Armstrong as Senior Vice President, Business and Corporate Development
Rippling is pleased to welcome Brad Armstrong to the Rippling executive team as Senior Vice President, Business and Corporate Development.
Aug 21, 2025
|
6 min
5 steps CTOs must take to automate onboarding IT tasks
Automate IT onboarding to transform productivity drains into competitive advantages. Get new hires contributing faster while reducing security risks.
See Rippling in action
Increase savings, automate busy work, and make better decisions by managing HR, IT, and Finance in one place.