×

MetricStream’s mission is to help our customers 'Thrive on Risk'. Trust is the foundation of enabling this journey. Trust encompasses all stakeholders - customers, partners, employees, shareholders, and a broader group of GRC industry participants. We believe transparency at all levels is key to earning and maintaining this trust. As a Governance, Risk, and Compliance (GRC) software as a service (SaaS) provider, MetricStream’s focus on trust is governed by three areas: Reliability and Performance, Security and Privacy, and Compliance. In each of the areas, MetricStream provides continuous assurance, adaptability, and improvements.

Click here to know more about Spring Java Framework (Spring4Shell) vulnerability

Click here to know more about the Advisory on Okta attack by Lapsus$

Click here to know more about the Advisory on Apache Log4j Vulnerability (CVE-2021-44228)

 

Reliability and Performance


MetricStream’s SaaS architecture foundation is a multi-instance global cloud and develops continuous improvements on performance and with every software release. Millions of GRC professionals benefit from improvements based on our design and release principals. MetricStream has service level agreements where standard levels of service are continually updated, and levels of service improved.

DOWNLOAD WHITEPAPER

  Reliability and Performance

Security


Built on an R&D foundation of secure software development practices, MetricStream SaaS Applications are designed in a secure, cloud-based, digitization journey for every customer. With a continuous focus and vigilance on a multi-layer security model, MetricStream continues to be a trusted partner for all our customers. Security, in a SaaS model, must be a shared responsibility and this collaborative model is the basis for a successful partnership for all customers.

Click here to review details on Shared Responsibility and Cloud Security Assurance

Download "Security Standards for MetricStream Cloud"

MetricStream conducts audits using certified third-party security assessors to evaluate our security controls and practices on an annual basis.

 

REQUEST SECURITY REPORT

  Security

Privacy


MetricStream fundamentally values privacy of all the stakeholders involved. It is built on the well-known principles of privacy around accuracy, ask for and keep only what you need, keep it secure, and remove when not needed. This has helped us not only meet but also exceed expectations when new regulations such as GDPR and CCPA came about. MetricStream Infrastructure is designed with clear systems principles.

MetricStream’s privacy policy protects your data from being used or accessed by MetricStream or any third party in ways that might compromise the integrity of the data or the trust you have placed in MetricStream.

READ PRIVACY POLICY

  Privacy

Compliance


As leader in GRC, MetricStream embraces all elements of compliance. We maintain our compliance through annual audits and compliance reports by certified third-party assessors.

REQUEST COMPLIANCE REPORTS

  Compliance
  • customer-logo-1
  • customer-logo-2
  • customer-logo-3
  • customer-logo-4
  • customer-logo-5
  • customer-logo-6

Ready to get started?

Speak to our experts