Altus Trust Center

Welcome to the Altus Trust Center - your resource for understanding how we safeguard data and uphold security. At Altus, trust and privacy are foundational to everything we do.

Here you will find information about Altus's practices including additional information related to security, privacy, and general infrastructure documentation.

Altus takes compliance assurance seriously, and our product has been architected with a focus on trust and security. ISO 27001 Certification and SOC Type II Auditing are essential mechanisms for organizations to maintain robust security and risk controls, and Altus is working towards achieving ISO 27001, SOC Type 2 and GDPR compliance to align with industry-leading standards and best practices.

It's important to note that Altus doesn't operate any equipment that transmits, processes, or stores customer data. As a result, in addition to our certifications we invite you to explore our platform certifications, which ensure the security and trustworthiness of the environment in which the Altus product operates. These certifications can be found at the Microsoft Security & Trust Center, reinforcing our commitment to providing a secure and reliable experience.

Penetration Testing is often a standard check box on many security questionnaires however in the case of Altus PPM the security perimeter for Authentication and Authorisation is the Entra ID service itself with access to customer data controlled by the Customer through the Power Platform role based access controls. Conducting penetration testing of the Microsoft products beyond the existing comprehensive testing performed by Microsoft is not likely to provide an increased level of risk assurance.

Explore the Altus Trust Center to learn more about our security posture and request access to detailed security documentation.