Security Packet · Under NDA

The full security packet, on request.

A nine-document briefing for your CIO, CISO, procurement office, or general counsel — everything they need to evaluate OnePointe against your institution's security and compliance standards.

  • 01

    SOC 2 Type II audit report

    Most recent independent audit by a Big Four firm, covering security, availability, confidentiality, and processing integrity. Issued annually.

  • 02

    Penetration test summary

    Executive summary from our most recent third-party penetration test by NCC Group. Findings, severity, remediation, and re-test results.

  • 03

    FERPA addendum

    Our standard FERPA School Official Designation language, ready to attach to your subscription agreement.

  • 04

    Data Processing Agreement (DPA)

    Standard contract clauses for data processing under FERPA, GDPR, and applicable state privacy laws.

  • 05

    Business continuity & disaster recovery plan

    RPO/RTO commitments, backup architecture, failover procedures, and the results of our most recent DR exercise.

  • 06

    Subprocessor list

    Every vendor that touches your data, what they do, where they're hosted, and the contractual flow-down terms.

  • 07

    VPAT (accessibility conformance)

    Voluntary Product Accessibility Template documenting WCAG 2.1 AA conformance, with exceptions noted honestly.

  • 08

    Incident response plan

    Our notification commitments, escalation paths, and post-incident reporting standards.

  • 09

    One-page CIO summary

    A short executive overview your CIO can read in five minutes and forward to their team.

"We needed software that would treat our cases — and our students — with the seriousness they deserve. The security packet was the first thing that gave our CISO confidence."
Marcus Beaumont · Title IX Coordinator, Carroway State University
Request the security packet

Tell us where to send it.

We share the full packet under a mutual NDA. Once your request comes in, we'll send you our standard two-page NDA for signature, and the packet follows within one business day of execution.

Have a specific question first? Contact us
Submission received

Thank you for your submission.

A member of our team will be in contact shortly. We typically respond within one business day — often sooner.

What happens next

Watch for an email from us with our standard mutual NDA via DocuSign. Once signed (a two-page document, no fuss), we'll deliver the full nine-document security packet via secure link.