Customer Trust

Start your security review
View & download sensitive information
Ask for information

Overview

For Access, Must Be On: Team, Enterprise, or Government Cloud


NOTE: TX-RAMP is only in scope for Government Cloud


FormAssembly is a web-based application that is offered as a SaaS solution. Data and the type of data to be collected depends on the company using the service to collect it.

Compliance

GDPR Logo
GDPR
ISO 27001 Logo
ISO 27001
ISO 27001 SoA Logo
ISO 27001 SoA
PCI DSS Logo
PCI DSS
SOC 2 Logo
SOC 2
TX-RAMP Logo
TX-RAMP
Visa Service Provider Logo
Visa Service Provider
VPAT Logo
VPAT
StateRAMP Logo
StateRAMP
Start your security review
View & download sensitive information
Ask for information

FormAssembly is reviewed and trusted by

AetnaAetna
Boston Medical CenterBoston Medical Center
CVS HealthCVS Health
Epic GamesEpic Games
Harvard Business SchoolHarvard Business School
UnitedHealth GroupUnitedHealth Group
Pentest Reports
ISO 27001
PCI DSS
SOC 2
Cyber Insurance
ISO 27001 Report
Network Diagram
PCI DSS
ISO 27001 SoA
VPAT
CAIQ STAR Security Questionnaire
HECVAT Full
HECVAT Lite
OWASP Questionnaire
SIG Lite
VSA Full
Access Control Policy
Asset Management Policy
Breach Investigation and Notification (BIN) Policy
Business Continuity and Disaster Recovery
Change Management
Compliance Audits and Communications
Data/Media Management Policy
Encryption Policy
HR & Personnel Security Policy
Incident Response Policy
Information Security Policy
Mobile Device Security and Media Management
Other ISO/IEC 27001 Documents
Risk Management and Risk Assessment
Secure Software Development and Product Security
System Audits, Monitoring and Assessments
Third Party Security Policy
Third Party Security, Vendor Risk Management
Threat Detection and Prevention Policy
Vulnerability Management
Code of Conduct
Disaster Recovery Test
HIPAA Self Assessment
Information Security Organization Chart

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Recovery Time Objective24 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

ISO 27001 Report
Network Diagram
PCI DSS
View more

Self-Assessments

CAIQ STAR Security Questionnaire
HECVAT Full
HECVAT Lite
View more

Data Security

Access Monitoring
Backups Enabled
Data Centers & Physical Security
View more

App Security

Bot Detection
Code Analysis
View more

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Officer
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
View more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
View more

Network Security

Data Loss Prevention
DNSSEC
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Access Control Policy
Asset Management Policy
Breach Investigation and Notification (BIN) Policy
View more

Security Grades

SecurityScorecard
FormAssembly App
Security Scorecard A grade
FormAssembly Enterprise
Security Scorecard A grade
HSTS Preload List
FormAssembly App
ImmuniWeb
FormAssembly CC
A
FormAssembly EC
A
FormAssembly App
A
View more

Knowledge Base

  • Are the policies and procedures reviewed and updated at least annually?
  • Are business continuity management and operational resilience policies and procedures established, documented, approved, communicated, applied, evaluated, and maintained?
  • Are application security policies and procedures reviewed and updated at least annually?
  • Are application security policies and procedures established, documented, approved, communicated, applied, evaluated, and maintained to guide appropriate planning, delivery, and support of the organization's application security capabilities?
  • Is compliance verified regarding all relevant standards, regulations, legal/contractual, and statutory requirements applicable to the audit?
View more

Trust Center Updates

If you need help using this Trust Center, please contact our Cybersecurity Risk team.

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo