BlackLine Achieves ISO/IEC 27018 and 27701 Data Privacy Certifications For Financial Close and Accounts Receivable Automation Platforms

LOS ANGELES – Dec. 8, 2021 – Leading the way once again in accounting and finance automation, BlackLine, Inc. (Nasdaq: BL) has achieved ISO/IEC 27018:2019 and ISO/IEC 27701:2019 certifications, demonstrating the company’s enthusiastic and voluntary embrace of the most advanced internationally recognised standards for cloud security and data privacy. BlackLine’s newest certifications confirm the company adheres to the latest industry standards across its internal cloud services and also maintains and enforces robust and effective policies and procedures to ensure the security and privacy of the data managed by both its financial close and accounts receivable (AR) automation platforms.

“With the majority of our employees and customers still working remotely, providing secure and private cloud services is more important than ever,” Marc Huffman, BlackLine CEO, said. “Achieving ISO/IEC 27018 and 27701 certifications reaffirms our longstanding commitment to comply with information security protocols to ensure security and privacy across all of our cloud services – both those we utilise to run our systems internally, as well as those we provide to customers.”

ISO/IEC 27018:2019 and ISO/IEC 27701:2019 are the latest in the internationally recognised ISO/IEC 27000 series of protocols that comprise information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to provide best practice recommendations on information security management, risk mitigation and improved control environments within the context of an overall Information Security Management System (ISMS).

BlackLine has a long history of being at the forefront of adoption of security standards:

- In 2013, BlackLine was first in the cloud financial close automation category to achieve the original ISO/IEC 27001 certification, and first to successfully complete a SOC 2 (System and Organization Controls) Type 2 examination and 3rd-party audit (all of which are continuously updated to maintain ongoing compliance).

- Earlier this year, BlackLine added ISO/IEC 27017:2015 certification to its repertoire, joining a small number of organisations that have gone beyond the requirements of ISO/IEC 27001 to also ensure its cloud security practices are best-in-class.

- Now, following a multi-audit certification process, the British Standards Institute (BSI), an accredited certifying body of ISO/IEC 27000 standards, determined that, in addition to its ISMS, BlackLine’s Privacy Information Management System (PIMS) also conforms to the requirements for ISO/IEC 27018:2019 and ISO/IEC 27701:2019 certification.

ISO/IEC 27018 and 27701 expand on the ISO/IEC 27000 series of standards, providing data privacy guidelines for information security controls specific to protecting the privacy of personally identifiable information (PII) provisioned via cloud services – both as a data controller, with its employee data, and also as a data processor for customers via its market-leading software-as-a-service (SaaS) platforms for financial close and AR automation.

“It’s more critical now than ever for organisations to proactively secure their internal IT environments, as well as outward, customer-facing systems, and effectively comply with regulations and standards such as ISO/IEC 27018 and 27701,” said Max Solonski, chief security officer at BlackLine. “Keeping our clients’ and employees’ confidential information safe and private is our No. 1 priority, now and for the long-term. These 3rd-party assessments and certifications from BSI are testament to the work we’ve done to make this happen and to the fact that we’ve built a secure cloud environment all-around. Customers can rest assured that BlackLine will always be at the forefront when it comes to protecting and ensuring the security of both their corporate and personal data.”

About BlackLine

Companies come to BlackLine (Nasdaq: BL) because their traditional manual accounting processes are not sustainable. BlackLine’s cloud-based solutions and market-leading customer service help companies move to modern accounting by unifying their data and processes, automating repetitive work, and driving accountability through visibility. BlackLine provides solutions to manage and automate financial close, accounts receivable and intercompany accounting processes, helping large enterprises and midsize companies across all industries do accounting work better, faster and with more control.

More than 3,700 customers trust BlackLine to help them close faster with complete and accurate results. The company is the pioneer of the cloud financial close market and recognised as the leader by customers at leading end-user review sites including Gartner Peer Insights, G2 and TrustRadius. Based in Los Angeles, BlackLine also has regional headquarters in London, Singapore and Sydney. For more information, please visit blackline.com.