SpringCM has achieved Federal Risk and Authorization Management Program (FedRAMP) Authorization, making it the first FedRAMP compliant Contract Lifecycle Management (CLM) solution. With the SpringCM FedRAMP certified document and contract management platform, federal agencies can meet the strict government security requirements while streamlining their complex business processes and the associated workflows for the billions of documents managed, significantly cutting down review and approval times. Read the full press release here.
SpringCM’s Governance, Risk Management and Compliance (GRC) program is based on the Cloud Control Matrix (CCM) — which are Cloud Security Alliance's (CSA) "security principles to guide cloud vendors" to prospective customers.
Our internal GRC management platform maintains appropriate mappings to NIST, ISO, CSA, and other privacy, legal, and regulatory standards are reviewed annually by expert counsel.
SpringCM has completed CSA compliant Consensus Assessments Initiative Questionnaire (CAIQ) and we welcome customers to download and review the document.
SSAE 18 Type 2 – SOC 1 since 2008 (formerly SAS 70 and SSAE 16); Available under NDA
Earned Skyhigh's CloudTrust™ rating of Skyhigh Enterprise-Ready