Security Statement

October 26, 2022

OUR SECURITY, BRIEFLY STATED

Qualtrics’ most important concern is the protection and reliability of customer data. Our servers are protected by high-end firewall systems, and scans are performed regularly to ensure that any vulnerabilities are quickly found and patched. Application penetration tests are performed annually by an independent third party. All services have quick failover points and redundant hardware, with backups performed daily.

Access to systems is restricted to specific individuals who have a need to know such information and who are bound by confidentiality obligations. Access is monitored and audited for compliance.

Qualtrics uses Transport Layer Security (TLS) encryption (also known as HTTPS) for all transmitted data. Surveys may be protected with passwords. Our services are hosted by trusted data centers that are independently audited using the industry-standard SSAE-18 method.

QUALTRICS XM PLATFORM CERTIFICATIONS

SOC 2 Type II Certification

Qualtrics obtained a SOC 2 Type II report for the trust principles of Security, Availability, and Confidentiality. The report can be provided via the trust center or self-service repository.

ISO 27001, 27017, and 27018 Certifications

Qualtrics achieved ISO 27001, 27017, and 27018 certifications. A copy of the certificates can be provided via the trust center or self-service repository.

FedRAMP Authorization

Qualtrics is FedRAMP Authorized. FedRAMP is the standard of U.S. government security compliance, with over 300 controls based on the highly regarded NIST 800-53 that requires constant monitoring and periodic independent assessments. More information is found at https://www.fedramp.gov.

IRAP

Qualtrics has undergone an IRAP Assessment and has been issued an IRAP Audit Report. IRAP has over 700 controls based on the Australian Information Security Manual (ISM). More information is found at https://www.cyber.gov.au/acsc/view-all-content/programs/irap.

HITRUST

To better support our healthcare customers, Qualtrics achieved the HITRUST certification. The validated report can be provided via the trust center or self-service repository.

TISAX

Qualtrics follows the information security question catalog of the German Association of the Automotive Industry (VDA ISA). The TISAX (Trusted Information Security Assessment Exchange) assessments are conducted by accredited audit providers that demonstrate their qualification at regular intervals. The result is retrievable exclusively through the ENX Portal: https://enx.com/tisax. NOTE: At the time of the assessment, Qualtrics was owned by SAP and is listed under SAP’s listing.

XM DISCOVER / SOCIAL CONNECT

ISO 27001 Certification

Qualtrics achieved ISO 27001 certification. A copy of the certificates can be provided via the trust center or self-service repository.

HITRUST

To better support our healthcare customers, Qualtrics achieved the HITRUST certification. The validated report can be provided via the trust center or self-service repository.

PCI

To better service customer service centers, the XMD platform is PCI DSS certified to handle call recording that may contain payment card information. The Attestation of Compliance (AOC) can be provided via the trust center or self-service repository.

More Information

Qualtrics customers may request various security-related documents and questionnaires from the Security Document Center in our support portal. Prospective customers may request security-related documents from our Trust Center.