AvePoint
Resources Blogs Strengthening Trust Through Global Security Certifications

Strengthening Trust Through Global Security Certifications

author
calendar10/29/2025
clock 3 min read
feature image

book open Table of Contents

At AvePoint, security, privacy, and compliance are integral to how we build trust with our customers and partners. With data security, protection, and governance at the core of who we are and what we do, we recognize that third-party certifications play a vital role in validating that commitment. Certifications provide independent assurance that our practices meet or exceed rigorous global standards, giving our customers the confidence that their sensitive data is safe in our hands. 

Breaking New Ground in Japan with ISMAP

This year, we are proud to share that AvePoint is now one of fewer than 100 organizations worldwide to achieve Information System Security Management and Assessment Program (ISMAP) certification in Japan. Joining the ranks of Microsoft, Google, and Nokia, we became the 99th company to be validated under this demanding program.

Why does this matter? ISMAP is one of the most comprehensive government security standards in the world, with 1,157 individual controls. Meeting this threshold is no small feat; it demonstrates not only our ability to serve Japanese government agencies, but also underscores our global credibility. ISMAP recognition sends a clear signal: AvePoint can meet the most rigorous security requirements, anywhere in the world. 

AvePoint Singapore Earns IMDA’s DPTM Accreditation

In Singapore, AvePoint has also earned accreditation under the Infocomm Media Development Authority’s (IMDA) Data Protection Trustmark (DPTM), a nationally-recognized certification that validates strong data protection practices aligned with Singapore’s Personal Data Protection Act (PDPA). This accreditation underscores our commitment to responsible data handling, transparency, and accountability, providing customers with independent assurance that their data is managed with care, integrity, and rigor.  

Renewing and Expanding Our Global Certifications

These certifications reflect AvePoint’s continued investment in meeting the highest security and data protection standards worldwide. As part of our 2025 recertification cycle, we renewed several key designations: 

  • ISO Certifications, including ISO 27001:2022, ISO 27017:2015, and ISO 27701:2019. These globally recognized standards validate our strong information security management, cloud security, and privacy practices. Notably, our auditors found zero non-conformities, reflecting our rigorous approach.
  • IRAP, ensuring compliance with the Australian government’s Information Security Registered Assessors Program. 

Beyond these, AvePoint continues to maintain: 

  • SOC 2 Type II, demonstrating operational effectiveness across security, availability, and confidentiality controls.
  • CSA STAR Level 2, Cloud Security Alliance’s leading security assurance certification.
  • FedRAMP Moderate and StateRAMP, authorizations that validate our readiness to support US federal, state, and local governments.

  • HITRUST, providing assurance to healthcare organizations that we safeguard sensitive patient health data by meeting integrated HIPAA, NIST, and ISO requirements. 

More information on AvePoint’s certifications is always available at the AvePoint Trust Center

Why Certifications Matter

Certifications are more than just milestones; they are ongoing commitments. Each one requires a significant investment of time, resources, and continuous improvement. For us, they reinforce a culture of accountability and transparency. For our customers and partners, they mean peace of mind: proof that AvePoint consistently meets the highest standards of security, privacy, and compliance across industries and geographies. 

Continuing Our Commitment

Earning and maintaining these certifications is a collective effort across AvePoint teams around the world. Every audit, every standard we meet, and every new designation we achieve reflects the dedication of our people and the trust of our customers.  

As the threat landscape evolves and regulations continue to expand, AvePoint remains committed to going above and beyond to safeguard your data. Each certification we achieve is a milestone in a much larger journey: building resilient systems and processes that protect data at every turn. These achievements demonstrate not just compliance, but accountability — to our customers, to regulators, and to ourselves. That accountability is what drives us forward. 

author

Dana Simberkoff

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She oversees a global team of subject matter experts who monitor industry trends, emerging technologies, and best practices in risk management and compliance. Dana also provides strategic guidance on product direction, technology enhancements, customer challenges, and market opportunities, partnering closely with internal and external executive stakeholders. Dana is an industry leader, previously serving on the Education Advisory Board for the International Association of Privacy Professionals (IAPP) and as a founding member of the Women Leading Privacy Advisory Board. Dana has been featured in the Wall Street Journal, Forbes, Security Magazine and more, and is consistently recognized by organizations like IDC and CSO as an influential woman in cybersecurity. Dana holds a Bachelor of Arts degree from Dartmouth College and a Juris Doctor from Suffolk University Law School.

compliancedata security