Compliance at Atlassian

Don't just take us at our word - we encourage you to inspect and verify our security and privacy practices and operations. Our team is constantly working to expand coverage to help organizations meet compliance needs.


Our compliance program

SOC logo


Регулярно обновляемый отчет SOC 2 (System and Organization Controls — контрольные процедуры для систем и организаций) содержит информацию о средствах нефинансового контроля в отношении безопасности, доступности и конфиденциальности облачного сервиса.

В настоящее время отчеты SOC 2 доступны для Jira и Confluence Cloud, Bitbucket Cloud, Trello, Opsgenie, Statuspage и Jira Align.

SOC logo


SOC 3 (System and Organization Controls) is a regularly refreshed report that focuses on internal controls as they relate to security, availability, and confidentiality of a cloud service.

Download SOC3 for:

PCI DSS logo


The Payment Card Industries Data Security Standard is an information security standard for the handling of credit card information.

Download our PCI Attestations of Compliance (AoC) for:

ISO/IEC 27018 logo

ISO/IEC 27001

ISO 27001 is specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.

Продукты, входящие в сертификацию: Jira Cloud, Confluence Cloud, Bitbucket Cloud, Trello и Opsgenie

Iso/IEC 27018 logo

ISO/IEC 27018

ISO 27018 is a code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.

Продукты, входящие в сертификацию: Jira Cloud, Confluence Cloud, Bitbucket Cloud, Trello и Opsgenie

Privacy Shield logo

Privacy Shield

The US/EU Privacy Shield and US/Swiss Privacy Shield programs provide additional privacy protection for EU residents when their personal data is moved outside of Europe to the United States.

GDPR logo


The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

VPAT logo


The Voluntary Product Accessibility Template is a document used by providers to self-disclose the accessibility of a particular product.


Vendor Management and Security Assessment Program

Our data centers, co-location, and managed service providers undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC1, SOC2 and/or ISO/IEC 27001 audits thereafter. In the event these audits have material findings, which present risks to Atlassian or our customers, we work closely with the vendor to track their remediation efforts until the issue has been resolved.

Control panel

The Atlassian Controls Framework

Our Common Controls Framework is a set of security activities and controls Atlassian implements across our global product and infrastructure teams. To create this framework, we analyzed the requirements of all the certifications that apply to Atlassian customers around the world. This holistic and structured approach to compliance enables us to consistently implement these controls across Atlassian’s products and infrastructure.

Network globe with flag

Cloud Security Alliance Membership

Atlassian is a member of the Cloud Security Alliance (CSA), a not-for-profit organization whose mission is to promote best practices for security assurance in cloud computing. CSA’s Security, Trust & Assurance Registry (STAR) is a publicly accessible registry that documents industry-verified security controls. We routinely update a Consensus Assessment Initiative (CAI) Questionnaire and make it publicly available to view.

Три пересекающихся кольца

Программа управления рисками

С внедрением принципов управления корпоративными рисками на всех уровнях организации повышается эффективность принятия решений в рамках деятельности по администрированию, стратегическому планированию, постановке целей и выполнению повседневных задач. На программе управления рисками Atlassian сосредоточены основные усилия нашей команды по оценке рисков и обеспечению соответствия требованиям. Эта программа лежит в основе нашего подхода к принятию решений. При ее разработке за образец был взят стандарт ISO 31000-2009 «Менеджмент риска. Принципы и руководящие указания». Оценка проводится ежегодно и даже чаще, если это необходимо.

Get more visibility into our cloud platform roadmap

We're committed to providing visibility into our upcoming security, compliance, privacy, and reliability releases wherever possible.

Cloud platform roadmap (Track, Plan, and Support)

Пузырьки вопросов и ответов

Есть дополнительные вопросы по нашей программе соблюдения требований?

У вас есть сертификаты по продуктам Cloud? Вы можете заполнить мою анкету по безопасности? Где я могу получить подробную информацию? 

We’re here and ready to answer all of your questions.

Trust & Security Community

Join the Trust & Security group on the Atlassian Community to hear directly from our Security team and share information, tips, and best practices for using Atlassian products in a secure and reliable way.

Atlassian Support

Reach out to one of our highly-trained support engineers to get answers to your most specific security questions. You may find the answers to many of your questions on our pre-filled security questionnaires.