RiskImmune™ Trust Center — Security, Compliance & Privacy Documentation
Last updated 2026-03-01
The RiskImmune™ Trust Center provides transparency about our security practices, compliance posture, and data handling procedures. Documentation available includes our SOC 2 Type II audit report (available under NDA to enterprise customers), ISO 27001:2022 certificate and scope statement, annual penetration testing reports summary, vulnerability disclosure policy and responsible disclosure process, data retention and deletion schedules, sub-processor list with security assessments, business continuity and disaster recovery documentation, and incident response and breach notification procedures. RiskImmune™ undergoes annual third-party security audits and continuous automated security scanning. Our security programme is designed to meet the due diligence requirements of enterprise customers in financial services, healthcare, and critical infrastructure sectors.
What security certifications does RiskImmune hold?
RiskImmune™ holds ISO 27001:2022 certification and has completed a SOC 2 Type II audit. We undergo annual penetration testing by independent third parties, maintain continuous automated security scanning, and publish our vulnerability disclosure policy for responsible disclosure. All certifications and documentation are available in the Trust Center.
Where can I download RiskImmune's DPA for GDPR compliance?
The RiskImmune™ Data Processing Agreement (DPA) is available for download in the Trust Center and Trust Portal. The DPA covers GDPR Article 28 processor obligations, Standard Contractual Clauses (SCCs) for international transfers, sub-processor management, and breach notification procedures. Contact info@riskimmune.ai for a signed copy.
What security documentation is available for enterprise vendor due diligence?
RiskImmune™ Trust Center provides: SOC 2 Type II report summary, ISO 27001:2022 certificate and scope, penetration test executive summary, information security policy, data processing agreement (DPA), sub-processor list, vulnerability disclosure policy, business continuity documentation, and incident response policy. Full audit report access is available through the authenticated Trust Portal.