AvePoint Achieves ISO 27001:2013 and 27017:2015, and CSA Star Level 2 Certifications

Completion of three rigorous audits demonstrates the company’s continued commitment to security and privacy


JERSEY CITY, New Jersey, Aug. 16, 2022 (GLOBE NEWSWIRE) -- AvePoint (NASDAQ: AVPT), the most advanced SaaS and data management platform provider, today announced re-certification and demonstration of conformance to the International Organizations for Standardization’s (ISO) information security management system (ISMS) audit using the 27001:2013, and 27017:2015 frameworks as well as certification against Cloud Security Alliance (CSA) Security, Trust, Assurance and Risk (STAR) Level 2. AvePoint’s achievement of three external audits reflects their prioritization of security and privacy for both the organization and its customers with enhanced abilities to help them mitigate access risk, reduce security breaches, and strengthen audit and compliance posture.

“AvePoint is deeply committed to helping all organizations safely manage their digital collaboration data, which is why we hold ourselves to such a high standard when it comes to privacy and security for both the company and our customers,” said Dana Simberkoff, Chief Information, Security and Risk Officer, AvePoint. “External validation from the ISO and CSA organizations demonstrates that we are delivering on our promise, and I am proud of the effort our teams put in to make this possible.”

ISO Recertifications:

The ISO recertifications affirm that AvePoint has proper company-wide processes including the management, operation, and maintenance of the people and information assets, information systems, and the associated processes that enable corporate operations. In addition, products and services provided from AvePoint are verified to help make cloud services for customers and partners as safe and secure as the rest of the organization’s information.

ISO is an independent, non-governmental international organization with a membership of 161 national standard bodies, credited with publishing more than 2,100 international standards covering almost every industry from technology to food safety to aviation to healthcare. For five years, AvePoint has been audited against ISO 27001:2013, last year adding ISO: 27017:2015 to its repertoire.

CSA Star Level 2 Certification:

The CSA STAR Level 2 Certification for ISO/ IEC 27001:2013 affirms that AvePoint, as a cloud service provider, abides by cloud specific standards. It is a rigorous third-party, technology-neutral certification that leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix.

These certifications achieved today add to a longstanding history of AvePoint’s dedication to security. AvePoint is also a SOC 2 Type II Certified vendor, continues to expand its FedRAMP (moderate) Authorization, and has been assessed against the IRAP official controls in Australia.

To learn more about AvePoint’s policies and certifications around security, privacy and accessibility, please visit the AvePoint Trust Center https://www.avepoint.com/company/trust-center.

About AvePoint    

Collaborate with confidence. AvePoint provides the most advanced platform for SaaS and data management to optimize SaaS operations and secure collaboration. More than 9 million cloud users rely on our solutions. Our SaaS solutions are also available to managed service providers via more than 100 cloud marketplaces, so they can better support and manage their small and mid-sized business customers. Founded in 2001, AvePoint is a five-time Global Microsoft Partner of the Year and headquartered in Jersey City, New Jersey. For more information, visit https://www.avepoint.com.

Forward Looking Statements

This press release contains certain forward-looking statements within the meaning of the “safe harbor” provisions of the United States Private Securities Litigation Reform Act of 1995 and other federal securities laws including statements regarding the future performance of and market opportunities for AvePoint. These forward-looking statements generally are identified by the words "believe," "project," "expect," "anticipate," "estimate," "intend," "strategy," "future," "opportunity," "plan," "may," "should," "will," "would," "will be," "will continue," "will likely result," and similar expressions. Forward-looking statements are predictions, projections and other statements about future events that are based on current expectations and assumptions and, as a result, are subject to risks and uncertainties. Many factors could cause actual future events to differ materially from the forward-looking statements in this press release, including but not limited to: changes in the competitive and regulated industries in which AvePoint operates, variations in operating performance across competitors, changes in laws and regulations affecting AvePoint's business and changes in AvePoint’s ability to implement business plans, forecasts, and ability to identify and realize additional opportunities, and the risk of downturns in the market and the technology industry. You should carefully consider the foregoing factors and the other risks and uncertainties described in the "Risk Factors" section of AvePoint’s most recent Quarterly Report on Form 10-Q, its registration statement on Form S-1 and related prospectus and prospectus supplements, and in its subsequent filings made to the SEC. Copies of these and other documents filed by AvePoint from time to time are available on the SEC's website, www.sec.gov. These filings identify and address other important risks and uncertainties that could cause actual events and results to differ materially from those contained in the forward-looking statements. Forward-looking statements speak only as of the date they are made. Readers are cautioned not to put undue reliance on forward-looking statements, and AvePoint does not assume any obligation and does not intend to update or revise these forward-looking statements after the date of this release, whether as a result of new information, future events, or otherwise, except as required by law. AvePoint does not give any assurance that it will achieve its expectations.

Disclosure Information

AvePoint uses the https://ir.avepoint.com/ website as a means of disclosing material non-public information and for complying with its disclosure obligations under Regulation FD.

Media Contact 
Nicole Caci 
AvePoint 
Nicole.caci@avepoint.com  
201-201-8143