Skip to main content

 

 

Coupa Success Portal

ISO 27001 Certification

Coupa ISO 27001 Certified

ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). The standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization’s overall business risks. It sets forth a risk-based approach that focuses on adequate and proportionate security controls that protect information assets and give confidence to interested parties.

The certification was performed by Schellman, an ANAB and UKAS Accredited Certification Body based in the United States.  

Schellman certified Coupa as compliant with all of the ISO/IEC 27001:2013 certification requirements––the international standard from the International Organization for Standardization (ISO) and the International Electrotechnical Commission. ISO 27001 is a globally recognized standard for the establishment, maintenance, and certification of an information security management system (ISMS). The details of Coupa’s ISO 27001 ISMS certification are publicly available in the Schellmann Certificate Directory or you can obtain a copy from the Coupa self-serve link: Compliance Reports Requests.

"Coupa is committed to providing independent assurance of our security controls and practices through third-party audits and certifications such as SSAE 16 and ISO 27001,“ said Phil Cox, vice president of security and compliance for Coupa. “Obtaining ISO 27001 certification is a tremendous achievement, as we continue to provide our customers with confidence that our security controls and practices follow internationally recognized security standards.”     

The ISO 27001 standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization’s overall business risks. It sets forth a risk-based approach that focuses on adequate and proportionate security controls that protect information assets and give confidence to interested parties.       

Schellman & Company, LLC (Schellman) is a leading provider of attestation and compliance services. Schellman is the only company in the world that is a CPA firm, a globally licensed PCI Qualified Security Assessor, an ISO Certification Body, HITRUST CSF Assessor, and a FedRAMP 3PAO. Renowned for expertise tempered by practical experience, Schellman's professionals provide superior client service balanced by steadfast independence. The Schellman approach builds successful, long-term relationships and allows its clients to achieve multiple compliance objectives through a single third party assessor.

Born in the cloud, Coupa delivers a modern spend management platform that accelerates business by unifying processes across all the ways employees spend money. These processes cover travel and expense management, procurement, invoicing and related source-to-settle areas. Using the Coupa Open Business Network, the platform has connected more than 2 million suppliers and delivers a powerful solution for businesses committed to controlling their spend.

The Coupa ISO 27001 Surveillance Report and Certificate of Registration are available for download from the Coupa Compliance Reports Request Portal

  • Was this article helpful?