
A centralized resource providing the documentation, certifications, audit results, and subprocessor disclosures needed to support security and compliance reviews, maintained with regular updates.
Quick links
Is a fully managed, cloud-native SaaS platform that integrates inherited physical security from leading public cloud providers with a custom-built enterprise architecture to handle all infrastructure, operations, and scaling. Under a Shared Responsibility Model, Pega secures this foundational environment and platform, while clients remain responsible for their specific application configurations, data classification, and user access management.
Typical data access: Pega Cloud operates as a standalone, isolated environment where clients control all external connectivity and Pega access is restricted to strictly governed, client-approved security parameters.
Certifications: SOC 2 Type 2, SOC 1 Type 2, ISO 27001, ISO 22301:2019, FedRAMP, PCI:DSS, HIPAA, GDPR, IRAP