ShiftControl - Trust Center
Compliance and Security Portal for ShiftControl.
Security commitment
At ShiftControl, security is not an add-on β itβs the foundation.
We help startups and growing businesses manage identity, access and SaaS operations with clarity and control. Because we sit at the center of your Google Workspace and SaaS ecosystem, protecting your data is a responsibility we take seriously.
We are committed to maintaining strong security practices aligned with SOC 2, ISO 27001 and GDPR standards.
Our approach is built around:
- Least-privilege access and identity lifecycle control
- Strong authentication and enforced MFA
- Continuous monitoring and risk management
- Transparent processes and responsible data handling
Security is core to how we build, operate and scale β so you can do the same.
Framework overview
An overview of ShiftControl's compliance status across common frameworks like SOC 2, ISO 27001, ISO 9001, and GDPR.
ISO 27001
Compliant
21Policies
An up to date list of policies published internally by ShiftControl.
Security Awareness & Training Policy
Privacy Policy
Code of Business Conduct
Incident Response Policy
Information Protection Policy
Information Classification & Handling Policy
HR Policy
Capacity & Performance Management
Business Continuity Policy
Information Security Program
Secure Development Policy
Access Control Policy
Vulnerability Management Policy
Third-Party Risk Management Policy
Information Technology & Acceptable Use Policy
29Controls
An up to date list of controls published internally by ShiftControl.
Employee Access
Incident Response
Monitoring & Alerting
Public Policies
Diagramming
Planning
Secure Secrets
Code Changes
2FA
App Availability
Secure Devices
Employee Verification
Employee Descriptions
TLS / HTTPS
Review Policies
Encryption at Rest