Security Trust Center - Aptitude Software-竞博jbo官网

Aptitude Software Security Trust Center

The security of our products and services is a critical focus area for our organization. We utilize formal information security management practices based on globally accepted frameworks, regularly assess risks and periodically review our policies, procedures, and practices.

Product Security

Aptitude Software utilizes secure by design principles in the development of its products and services including secure coding practices, periodic internal and external vulnerability scanning and penetration testing of our products.  For further questions regarding our product security practices, please contact us at


Security Compliance Program (as of March 2023)

The Aptitude Software Compliance program helps communicate our information security posture and controls in place to maintain security and compliance for our services.  IT standards we comply with include Certifications, Attestations, Laws/Regulations and Framework Alignments.

Certifications and Attestations are assessed by third-party, independent auditors and result in a certification, an audit report, or an attestation of compliance. Aptitude Software services clients remain responsible for complying with applicable laws, regulations, and privacy programs. Existing clients (and service users) can obtain compliance reports by contacting us at


Aptitude Software is compliant with domestic and international standards and privacy laws. We utilize privacy by design principles in the design of our products and services. The Aptitude Software Data Protection Office (DPO) is responsible for privacy management at Aptitude Software. Our privacy statement is available at this link. For further questions please contact us at

Incident Response

Aptitude Software utilizes formal incident response polices and procedures in the event of a security incident. Our process includes steps for incident identification, prioritization, threat monitoring, triage and incident resolution.

Existing clients can report security incidents to Aptitude Software at

Security Documentation

Acceptable Use Policy – This policy applies to the client’s use of Aptitude Software Cloud Services

Current Security Topics

Conflict in Ukraine

Release Date: March 10th, 2022 |Revision Date: September 7th, 2022

Aptitude Software is closely monitoring the current military conflict in Ukraine and Russia. We do not have any infrastructure or employees in either Ukraine or Belarus nor are we reliant on any third-party service organization or vendor service provided out of these countries. Additionally, our organization has taken steps to establish the required cyber resilience in the event of a spill-over of cyber-attacks, destructive malware, misinformation and other threats outside of the conflict zone per guidance provided by CISA ( and other governmental agencies.  We have enhanced our cyber vigilance against these threats, updated our already robust business continuity plans to reflect current threat scenarios, and reinforced the same with our employees and other stakeholders. These measures will ensure the continued protection of our employees, offices, clients and information assets, and to mitigate any threats in a timely manner. We will provide additional notification directly to our client contacts in the event of any specific risks or impact to our services adhering to our contractual commitments and incident response policies.

Clients, partners and vendor service organizations can contact us at  or in the event of any additional questions.

Aptitude Software achieves ISO 27001 certification, demonstrating our commitment to IT security

By: Jeremy Suddards, CEO

February 24,2023

Our Aptitude Software customers entrust us to ensure that we provide a high degree of assurance regarding the security of our products and services. Aptitude Software has always maintained a strong client assurance program across products including our SOC program for our SaaS products as well as our PCI certification and GDPR program for products handling personal data.

I am now excited to announce a significant new recognition of our security posture across products. Aptitude Software has successfully achieved ISO/IEC 27001:2013 certification. ISO 27001:2013 is a rigorous third-party independent assessment of the international standard for Information Technology Security. Published by the International Organization for Standardization (ISO), ISO 27001 is a widely-adopted global security standard that sets requirements and best practices for information security. During the course of this certification, Aptitude Software has demonstrated a formal and well-designed approach to managing information security risks that affect the confidentiality, integrity, and availability of client data. This certification reinforces Aptitude Software’s commitment to providing transparency into our security controls and practices and assures clients that we follow industry-leading security best practices in our product offerings.

Schellman, an independent third-party auditor, issued the certificate on February 2, 2022. The scope of the ISO 27001:2013 certificate includes the information security management system (ISMS) supporting the development, delivery, and management of the following products and services:

  • Aptitude RevStream (AREV);
  • Aptitude’s Lease Accounting Engine (ALAE);
  • Aptitude Accounting Hub (AAH) System including associated components of AAH,
  • Aptitude Insurance Calculation Engine (AICE) and Aptitude Calculate (AC);
  • Aptitude Revenue Recognition Engine (ARRE);
  • Aptitude Platform; and
  • Aptitude eSuite

The certificate can be independently verified, viewed and downloaded at ISO Certificate Directory | Schellman. Please feel free to contact our Information Security Team at for further details.

Latest Resources

友情链接: 1 2 3 4 5 6 7 8 9 10