we have recently passed our ISO27001 certification. During the process, we found that Asana is the only of all our cloud-based SaaS suppliers not being ISO27001 certified.
We have created a time-limited exception to be able to continue to use Asana for the moment. However, we do expect our cloud SaaS providers to take information security seriously.
What is the strategy of Asana in this regard?
Are there specific plans for you to get ISO27001 certified?
Do you have any independent assessment of your information security standards?
You can learn more about our security and privacy processes here: Trust at Asana • Asana. Regarding the ISO27001 certification specifically, I would recommend reaching out to our support team, our security experts will be able to better advise you!