2121/24, 641 PM Trust - Coupa
COUPA TRUST
Success begins with relationships based on trust
Coupa earns your trust through our five Trust Pillars: Security, Compliance, Privacy, Product Compliance, ESG
https://www.coupa.com/company/trust
and operations from the very beginning of the product development lifecycle. Our commitment is to invest in the technology, people, and processes that ensure the data you've entrusted to us is safe, secure, and totally private.
Review our responsible disclosure policy below
Our Responsible Disclosure Policy
Technical Vulnerability Management
The Security Operations Center (SOC) oversees vulnerability management and is responsible for monitoring application and system vulnerabilities. To report vulnerabilities, reach out below:
Customers
Customers can reference additional security program information via the Secure Coupa Compass Portal.
Prospects and Partners
Suppliers
Compliance
SOC 1
Coupa is SOC 1 compliant on controls relevant to User Entities' Internal Control Over Financial Reporting.
SOC 2
Coupa is SOC 2 compliant on controls relevant to Security, Availability, and Confidentiality.
ISO 27001
Coupa maintains a certified Information Security Management System that conforms to the requirements of ISO/IEC 27001:2013.
ISO 27701
Coupa maintains a certified Privacy Information Management System (PIMS) that conforms to the requirements of ISO/IEC 27701:2013.
FedRAMP Moderate
Coupa maintains a FedRAMP (Federal Risk and Authorization Management Program) Moderate Authorization.
PCI DSS
Coupa is certified with the Payment Card Industry Data Security Standards (PCI DSS) certification, which safeguards cardholder data.
ITAR/GovCloud
Coupa complies with the ITAR Personnel Screening and Access Authorization procedures for Coupa's GovCloud Platform.
HIPAA
Coupa is compliant with the Health Insurance Portability and Accountability Act (HIPAA) hosting standards for Protecting Private Health Information.
TISAX
Coupa is certified with the European Information Security Assessment (ISA) for the Automotive Industry.
APEC PRP
Coupa conforms to the Asia Pacific Economic Cooperation (APEC) Privacy Recognition
BSI C5 Certification
Coupa is certified with the German BSI (Federal Office for Information Security) for secure