Support Fusion is ISO 27001 certified - and here's how you can verify it
Security isn’t a feature you add after the fact. It’s either built into how you operate, or it isn’t.
At Support Fusion, we move critical service work between companies - tickets, alerts, assets, and agreements flowing across organisational boundaries in real time. That means we’re sitting in the middle of data that matters: customer records, SLA commitments, active incidents. The IT service providers and their clients who rely on us need to know their information is handled with care, not just our word for it.
Today, we’re sharing two things: our ISO/IEC 27001:2022 certification, and the launch of our Trust Center at trust.suppfusion.com.
What ISO 27001 actually means
ISO/IEC 27001 is an internationally recognised standard for information security management. Achieving certification means an accredited third-party auditor has assessed your information security practices against a defined set of controls - and found them to be in place and working.
It covers how we manage access to systems, how we respond to incidents, how we handle data, how we assess risk, and how we maintain and improve our security posture over time. It’s not a one-time test - it requires ongoing commitment and periodic audits to maintain.
For IT service providers working with regulated industries, it’s often a threshold requirement for vendor approval. For their clients, it’s one of the clearest signals that a vendor takes information security seriously.
Why this matters for what we do
Support Fusion connects platforms across company boundaries. When a ticket moves from a client’s ServiceNow instance into a service provider’s Autotask, and back again - both sides are sharing data they’d normally keep closely guarded.
That’s a significant responsibility. It means our security posture isn’t just our concern - it directly affects the security posture of every organisation in the chain.
ISO 27001 certification is how we demonstrate that we’ve thought carefully about that responsibility, and put the right structures around it.
The Trust Center
Certification on its own is a statement. The Trust Center is where you can actually dig into the detail.
Visit trust.suppfusion.com to:
- Review our compliance status - including our ISO 27001 certification and our progress toward SOC 2
- Access detailed documentation - covering product security, data security, architecture, encryption, access monitoring, audit logging, and more
- Submit a vendor questionnaire - if you’re running a security assessment and need specific answers from us, you can do that directly through the Trust Center
Some documentation requires you to register for access. That’s intentional - it keeps sensitive technical detail out of the public domain while still making it available to the people who legitimately need it.
What’s next
SOC 2 is our next milestone, with a target of completing it before the end of 2026.
We’ll keep the Trust Center updated as our compliance posture evolves. If you have questions about our security practices that aren’t covered there, reach out directly - we’re happy to talk through them.
