Certifications

To demonstrate our commitment to protecting customer data, DocuSign has significantly invested in maintaining certifications in the following regulatory and industry standards.

 align

ISO 27001:2013

DocuSign is ISO27001:2013 certified. This is the highest level of global information security assurance available today, and provides customers assurance that DocuSign meets stringent international standards on security.

Learn More >

SOC 1 Type 2, SOC 2 Type 2

As a SOC 1 and SOC 2-certified organization, DocuSign complies with the reporting requirements stipulated by the American Institute of Certified Public Accountants (AICPA). We undergo yearly audits across all aspects of our production operations, including our datacenters, and have sustained and surpassed all requirements.

Learn More >

PCI Security Standards Council Logo

PCI DSS

DocuSign maintains compliance with the current version of the PCI Data Security Standard (DSS) to ensure safe and secure handling of credit card holder information. As overseen by the Payment Card Industry Security Standards Council (PCI SSC), DocuSign places stringent controls around cardholder data as both a service provider and merchant. DocuSign is listed as a PCI Service Provider on the Visa Global Registry of Service Providers.

Learn More >

SkyHigh Enterprise-Ready Logo

CloudTrust

With Skyhigh's CloudTrust program, DocuSign fully satisfies the most stringent requirements for data protection, identity verification, and security controls based on detailed criteria developed in conjunction with the Cloud Security Alliance (CSA).

Learn More >

CSA Logo

CSA STAR Program

DocuSign adheres to the requirements of the Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) program. The CSA STAR comprises key principles of transparency, rigorous auditing, and harmonization of standards. Our Consensus Assessments Initiative Questionnaire (CAIQ) documents the rigor and strength of DocuSign’s security posture and best practices and is publicly accessible for viewing and download from the CSA STAR registry for both DocuSign and SpringCM.

Learn More >