Vendavo has been supplying enterprise software solutions to some of the largest enterprises in the world for nearly 20 years. As a leader in the digitalization of pricing and sales effectiveness solutions, we understand how important security, compliance, and privacy are today and will continue to be in the future. Vendavo uses a secure platform to ensure that the commercial excellence solutions we provide are truly excellent.
Vendavo utilizes the top cloud providers in the world to run its software solutions for our clients. Vendavo develops and deploys solutions to best fit these top hosting services for secure and smooth functionality.
Vendavo use a secure SDLC (systems development life cycle). When building applications, Vendavo treats security as a requirement, and conducts regular static, dynamic, and penetration tests.
Vendavo’s cross functional security team holds industry standard security credentials and executes: Security Risk Management, Information Governance, Security Operations Center, Security Compliance
- GDPR — Vendavo supports our customers in achieving GDPR compliance.
- ISO 27001 — Vendavo maintains certification through annual audits.
- SOC1 Type 2 — Vendavo conducts annual audits to ensure controls over financial reporting.
- SOC2 Type 2 — Vendavo conducts annual audits to ensure control and management of customer data, including the following Trust Services Criteria:
- Availability — Information and systems are available for operation and used to meet the entity’s objectives.
- Process Integrity — With Vendavo, your business can trust the system to work the way it is supposed to work. Systems and controls are in place that the pricing coming out of the pricing solution are complete, valid, timely, accurate, and authorized to meet your objectives.
- Confidentiality — Your data is protected from unauthorized access
- CSA Security, Trust & Assurance Registry (STAR) — Vendavo has published our completed CSA Consensus Assessments Initiative Questionnaire (CAIQ) self-assessment in the CSA STAR Registry to document best practice compliance.