Security Statement
June 10, 2024
OUR SECURITY, BRIEFLY STATED
Qualtrics’ most important concern is the protection and reliability of customer data. Our servers are protected by high-end firewall systems, and scans are performed regularly to ensure that vulnerabilities are quickly found and patched. Application penetration tests are performed annually by an independent third party. Services have quick failover points and redundant hardware, with backups performed daily.
Access to systems is restricted to specific individuals who have a need to know such information and who are bound by confidentiality obligations. Access is monitored and audited for compliance.
Qualtrics uses Transport Layer Security (TLS) encryption (also known as HTTPS) for transmitted data. Surveys may be protected with passwords. Our services are hosted by trusted data centers that are independently audited using the industry standard SSAE-18 method.
QUALTRICS XM PLATFORM CERTIFICATIONS
SOC 2 Type II Certification
Qualtrics obtained a SOC 2 Type II report for the trust principles of Security, Availability, and Confidentiality. The report can be provided via the Trust Center or self-service repository.
ISO 27001, 27017, 27018, and 27701 Certifications
Qualtrics achieved ISO 27001, 27017, 27018, and 27701 certifications. A copy of the certificates can be provided via the Trust Center or self-service repository.
FedRAMP Authorization
Qualtrics is FedRAMP Authorized. FedRAMP is the standard of U.S. government security compliance, with over 300 controls based on the highly regarded NIST 800-53 that requires constant monitoring and periodic independent assessments. More information is found at https://www.fedramp.gov.
IRAP
Qualtrics has undergone an IRAP Assessment and has been issued an IRAP Audit Report. IRAP has over 700 controls based on the Australian Information Security Manual (ISM). More information is found at https://www.cyber.gov.au/acsc/view-all-content/programs/irap.
HITRUST
To better support our healthcare customers, Qualtrics achieved the HITRUST certification. The validated report can be provided via the Trust Center or self-service repository.
TISAX
Qualtrics follows the question catalog of information security of the German Association of the Automotive Industry (VDA ISA). The TISAX (Trusted Information Security Assessment Exchange) Assessments are conducted by the accredited audit providers that demonstrate their qualification at regular intervals. The result is exclusively retrievable over the ENX Portal: https://enx.com/tisax.
PCI – XM Discover VOC Data Integration Only
To better service customer service centers, the XM Discover Voice of Customer Data Integration is PCI DSS certified to handle call recording that may contain payment card information. The Attestation of Compliance (AOC) can be provided via the Trust Center or self-service repository.
More Information
Qualtrics current and prospective customers may request various security-related documents and questionnaires from our Trust Center.