Menu

Platform

Account

LoginGet Started

© 2024 Terraware

Travel Safety Platform

Compliance & Governance

Comprehensive compliance framework ensuring adherence to regulatory requirements and industry standards

Regulatory Compliance

Terraware maintains strict compliance with government regulations, industry standards, and international frameworks governing intelligence platforms, data protection, and security operations.

Government & Defense Compliance

FedRAMP Authorization

Federal Risk and Authorization Management Program compliance enabling secure cloud services for U.S. government agencies with continuous monitoring and assessment.

ITAR Compliance

International Traffic in Arms Regulations compliance for defense-related technical data and services, with proper export licensing and personnel screening procedures.

NIST Cybersecurity Framework

Implementation of NIST CSF controls across Identify, Protect, Detect, Respond, and Recover functions with continuous improvement and risk management processes.

FISMA Compliance

Federal Information Security Management Act compliance with security categorization, control implementation, and continuous monitoring for federal information systems.

Industry Standards & Certifications

SOC 2 Type II

Annual third-party audits of security, availability, processing integrity, confidentiality, and privacy controls

ISO 27001

International information security management system standard with continuous improvement processes

ISO 27017

Cloud security controls and guidelines for cloud service providers and cloud service customers

Data Protection & Privacy Compliance

GDPR (General Data Protection Regulation)

Full compliance with EU data protection requirements including data subject rights, consent management, data processing agreements, and breach notification procedures.

CCPA (California Consumer Privacy Act)

California privacy law compliance with consumer rights to know, delete, opt-out, and non-discrimination protections for personal information processing.

PIPEDA (Personal Information Protection and Electronic Documents Act)

Canadian federal privacy law compliance for personal information collection, use, and disclosure in commercial activities.

HIPAA (Health Insurance Portability and Accountability Act)

Healthcare data protection compliance when processing protected health information (PHI) with appropriate safeguards and business associate agreements.

Export Control & Trade Compliance

U.S. Export Controls

  • • Export Administration Regulations (EAR)
  • • International Traffic in Arms Regulations (ITAR)
  • • Office of Foreign Assets Control (OFAC) sanctions
  • • Bureau of Industry and Security (BIS) compliance

International Trade

  • • Denied party screening and monitoring
  • • End-user verification and documentation
  • • Technology transfer controls
  • • Cross-border data transfer agreements

Audit & Continuous Monitoring

Internal Audits

Regular internal compliance assessments and control testing to ensure ongoing adherence to regulatory requirements and internal policies.

  • • Quarterly compliance reviews
  • • Annual risk assessments
  • • Control effectiveness testing

External Audits

Independent third-party audits and assessments by certified auditors to validate compliance with industry standards and regulations.

  • • Annual SOC 2 Type II audits
  • • ISO 27001 certification audits
  • • Penetration testing assessments

Compliance Inquiries

For compliance questions, audit requests, or regulatory inquiries, please contact our compliance team.

Compliance Team

compliance@terraware.ai

Legal Department

legal@terraware.ai

Audit reports and compliance documentation available upon request with proper authorization