Xceedance/Xceedance Trust Center

Trust that strengthens the insurance ecosystem

Xceedance enables insurers, brokers, MGAs, reinsurers, and partners to operate with confidence through governance-led security, privacy, and resilience.

At a glance:
Our ISO/IEC 27001-aligned ISMS applies structured risk management and layered controls across people, processes, infrastructure, and technology—protecting data, strengthening resilience, and supporting uninterrupted insurance operations.

Trust Center page

ISMS Assurance

93 Annex A controls. Four integrated layers.

Organizational (37)

Governance, risk, suppliers, incident readiness, continuity

People (8)

Awareness, accountability, confidentiality, secure behaviors

Physical (14)

Facilities, environments, equipment, site resilience

Technological (34)

Access, monitoring, data protection, cyber resilience

ISMS assurance (1)

Independent Assurance

Certifications, standards & assurance detail

ISO_1

ISO/IEC 27001

Information Security Management System

ISO_1

ISO/IEC 27701

Privacy Information Management System

ISO_1

ISO 22301

Business Continuity Management System

SOC_Final

SOC 1 Type II

Service Organization Controls

SOC_Final

SOC 2 Type II

Trust Services Criteria

Information Security

Governance translated into measurable control.
Our ISMS makes trust visible—linking policy, accountability, infrastructure, and technology into a single, disciplined security model.

Four control layers

Organizational governance

Policies, risk oversight, suppliers, incidents, continuity

People accountability

Clear roles, awareness, and responsibility for protecting data

Physical safeguards

Secure environments for uninterrupted operations

Technological resilience

Access control, monitoring, secure engineering, cyber defense

INFORMATION SECURITY

Privacy & Data Protection

Privacy built into every stage of delivery.

We manage sensitive data with clear governance, minimal exposure, and strict controls aligned to client and regulatory requirements.

How We Protect Data

  • Privacy-by-design across delivery lifecycle
  • Purpose limitation aligned to defined use
  • Data minimization
  • Encryption, role-based access, monitored environments
  • Vendor oversight and accountability

Privacy Assurance

  • ISO/IEC 27701-certified
  • Defined governance and ownership
  • Vendor risk oversight
  • Lawful, contract-aligned processing
Privacy & Data Protection

Business Continuity & Resilience

Designed for disruption. Built for continuity.

We help sustain critical services, recover quickly, and maintain confidence across the insurance ecosystem.

How we support resilience

Continuty_Planning

Documented continuity plans

Recovery_Readiness

Defined recovery procedures

Teasting_&_Exercises

Regular testing and exercises

Incident_&_Crisis

Clear crisis and incident response

Operational_Multi-suite

Multi-site operations

Third-Party

Third-party continuity oversight

BG

Looking for deeper assurance?

Access documentation, certifications, or due diligence support.
Connect with Our Trust Team | Request Documentation

Insurtech Insights

Our latest thinking and case studies

view all insights