we have recently passed our ISO27001 certification. During the process, we found that Asana is the only of all our cloud-based SaaS suppliers not being ISO27001 certified.
We have created a time-limited exception to be able to continue to use Asana for the moment. However, we do expect our cloud SaaS providers to take information security seriously.
What is the strategy of Asana in this regard?
Are there specific plans for you to get ISO27001 certified?
Do you have any independent assessment of your information security standards?