Atlassian

project management atlassian.com HQ: Australia Last checked: June 10, 2026
Watch this vendor

Certifications & attestations

CertificationStatusSourceLast verified
SOC 2 Type II
Covers cloud products incl. Jira, Confluence, Jira Service Management, Bitbucket Cloud, Trello, Loom, Rovo. Audited by Coalfire; reports via the Atlassian Trust Portal (NDA).
 Verified vendor source ↗ June 10, 2026
ISO 27001
ISO/IEC 27001:2022 (Atlassian Trust Management System); statement of applicability extends to ISO/IEC 27018:2019 controls.
 Verified vendor source ↗ June 10, 2026
FedRAMP (Moderate)
Jira, Confluence, and Jira Service Management have FedRAMP Moderate authorization (FedRAMP Marketplace listing FR2412062433).
 Verified vendor source ↗ June 10, 2026
PCI DSS
PCI DSS logo shown on the compliance page without a dedicated resource page — not yet independently verifiable from public documentation.
 Reported · pending verification pending

→ Direct answer: Does Atlassian have SOC 2?

Subprocessors

Subprocessor extraction for Atlassian is pending. The vendor publishes a list here: source ↗

→ Full list & change history

Hosting & data residency

Trust documents & links

Security incidents & disclosures

No incidents on record in the public sources we track, as of June 10, 2026. Absence of a record is not a guarantee — see methodology.

Change history

2026-06-10
Vendor added with a verified initial snapshot: SOC 2 (Coalfire-audited, cloud products), ISO/IEC 27001:2022 with ISO 27018 extension, and FedRAMP Moderate (Jira, Confluence, JSM) each confirmed against Atlassian's dedicated compliance resource pages (fetched 2026-06-10). PCI DSS kept as reported only — the logo appears on the compliance page without a linked resource. The full 34-item compliance resource list is JS-filtered; remaining certifications can be verified individually later.