PORTLAND, Ore. — December 4, 2025 — NAVEX, the global leader in integrated risk and compliance management software, has obtained ISO 27001 certification. Obtaining ISO 27001 certification underscores NAVEX’s commitment to incorporating recognized frameworks into the operation and communication of its information security program to effectively protect information assets.
NAVEX operates a robust global data privacy and security function to provide customers and stakeholders peace of mind and protection. In addition to ISO 27001, the business already meets the requirements of the Data Privacy Framework, SOC 2 Type II, and General Data Protection Regulation (GDPR).
“Our customers trust NAVEX with their business, and we work to continually enhance our security posture. This certification will simplify the security assessment of NAVEX for companies globally,” advises Bob McCarter, Chief Technology Officer at NAVEX. “Our fundamental security posture and practices haven’t changed, but adding ISO 27001 to the SOC 2 Type II gives customers and prospects an additional recognized standard against which to evaluate NAVEX.”
Click here for more information on how NAVEX handles data privacy, storage, and hosting.
About NAVEX
Trusted by 13,000 organizations, including 75 percent of Fortune 100 and 500 companies, NAVEX is the global leader in risk and compliance solutions. Its NAVEX One platform strengthens risk and compliance programs, empowering organizations with unparalleled industry benchmark data and insights. NAVEX One provides a 360-degree view of enterprise, third party and ecosystem risk for enhanced regulatory compliance and proactive risk management. Based in Lake Oswego, OR, with a global presence, NAVEX continues to shape the future of governance, risk and compliance. Visit our blog or follow us on LinkedIn, Facebook, and YouTube.