Persefoni Certifications

Persefoni emphasizes both security and verification as fundamental business operations.

ISO 27001

Persefoni maintains an ISO 27001 certification which provides external auditor validation that an effective Information Security Management System (ISMS) has been established to identify and manage information risks through a comprehensive set of company-wide processes and security controls, including processes and controls that continually improve the ISMS.

Security Trust Assurance & Risk (STAR): Level Two Third-Party Audit

Persefoni is a proud member of the Cloud Security Alliance (CSA), an organization dedicated to enhancing the security of cloud computing. To demonstrate Persefoni’s commitment to security, Persefoni's security controls include scope for CSA’s Consensus Assessment Initiative Questionnaire (CAIQ) which have been certified as STAR Level 2 by an external auditor. Persefoni’s CSA certifications and related CAIQ responses are available for review in the CSA STAR registry here.

SOCOTEC International Certification

SOCOTEC International Certification verifies that our platform calculates emissions correctly based on the GHG Protocol and PCAF Standard.

TÜV Rheinland

TÜV Rheinland stands for safety and quality in virtually all areas of business and life. Founded almost 150 years ago, the company is one of the world’s leading, independent testing service providers; they rigorously validate that solutions, processes, and services comply with international standards. As such, TÜV Rheinland is a global trademark of trust and verification.

National Institute Standards and Technology U.S. Department of Commerce

The NIST Cybersecurity Framework (NIST CSF) provides guidance on how to manage and reduce IT infrastructure security risk. Persefoni has adopted the NIST Cybersecurity Framework to cornerstone the development and maturing of our security organization, processes, and procedures.

SOC I and II Type II

SOC I Type II: The service organization control (SOC) 1 Type 2 report provides an external auditor’s attestation that Persefoni maintained appropriate controls around the Climate Management and Accounting Platform (CMAP) for customer financial reporting purposes (specific to carbon accounting). Persefoni received a clean, unqualified audit report with no exceptions.

SOC II Type II: The service organization control (SOC) 2 Type 2 report provides an external auditor’s attestation that Persefoni's security controls were in place and effective for the report’s coverage period as related to the American Institute of Certified Public Accountant's (AICPA) trust service principles. Persefoni was audited against the Security, Availability, and Confidentiality trust service principles and received a clean, unqualified audit report with no exceptions.