Trust Center

Start your security review
View & download sensitive information
ControlK

Overview

Xerox’s Security Compliance Program has been developed with the goal of building customer trust. It considers our customer’s needs and expectations to comply with applicable laws, regulations and standards across the various geographies and industries of our customers and provides necessary independent assurance on the security posture of Xerox products and services.

Compliance

ISO/IEC 27001 Logo
ISO/IEC 27001
ISO 22301 Logo
ISO 22301
ISO 9001 Logo
ISO 9001
SOC 2 Logo
SOC 2
SOC 3 Logo
SOC 3
Cyber Essentials Logo
Cyber Essentials
Cyber Essentials Plus Logo
Cyber Essentials Plus
NHS Data Security and Protection Toolkit Logo
NHS Data Security and Protection Toolkit
ENS Logo
ENS
FedRAMP Moderate Logo
FedRAMP Moderate
GovRAMP Logo
GovRAMP
PCI DSS Logo
PCI DSS

Documents

DOCUMENTSSecurity Services Documentation (Private)
DOCUMENTSXerox Managed Print Services (Private)
DOCUMENTSXerox Workplace Cloud (Private)
DOCUMENTSXerox Workplace Suite (Private)
DOCUMENTSXerox Lexmark ISO & Pentest Attestation (Private)
DOCUMENTSXerox Lexmark Security - Cloud Services (Private)
DOCUMENTSXerox Capture & Content Service (Xerox USA & Xerox Canada)
DOCUMENTSXerox UK Capture & Content Services
DOCUMENTSXerox Digital Services Engineering (Private)
DOCUMENTSCareAR (Private)
DOCUMENTSGo Inspire Group (Private)
DOCUMENTSXerox DocuShare (Private)

Product Security

Common Criteria
Product Security Information
Product Security Testing Frequency
View more

Self-Assessments

ProcessUnity

Application Security

Responsible Disclosure
Software Development Lifecycle
Vulnerability & Patch Management

Accessibility & Assistive Technology

Assistive Technology at Xerox
Product & Software Compliance
Section 508 Assessment Process
View more

Legal

Cyber Insurance
Privacy Policy
Terms of Use

Data Privacy

Communication Preference
Cookie Preferences
Employee Privacy Training
View more

Access Control

Logging
Password Security
User Access & Privilege Access Management

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Endpoint Security Guide & Checklist
View more

Network Security

DNSSEC
Firewall
Intrusion Detection & Prevention
View more

Corporate Security

Background Checks
Business Continuity
Crisis Management
Trust Center Updates

New SOC 2 Reports Available

Copy link
Compliance

Updated SOC 2 Bridge letters are available for the following services for Quarter 4 2025:

1] SOC 2 Q4 2025 Bridge Letter -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery, CareAR, Xerox DocuShare, XMPie

Updated SOC 2 Report is available for

  1. XMPie

Updated SOC 2 Report are available for the following services:

1] SOC 2 Report -: CareAR, Xerox DocuShare

Updated SOC 2 Report are available for the following services:

1] SOC 2 Report -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery

Updated SOC 2 Bridge letters are available for the following services for Quarter 1 2025:

1] SOC 2 Q1 2025 Bridge Letter -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery

Updated SOC 2 Bridge letters are available for the following services for Quarter 4 2024:

1] SOC 2 Q4 2024 Bridge Letter -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery, CareAR, Xerox Docushare, XMPie, Xerox IT Managed Services (Xerox US).

Completion of the SOC 2 Type 2 audit demonstrates Xerox’s continued commitment to the security of our product and that of our overall security posture.

SOC 2 Type 2 Report for the 2024 time period available are for:

1] SOC 2 Q3 2024 Bridge Letter -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery, Xerox IT Managed Services (Xerox US), CareAR, Xerox Docushare, XMPie.

Completion of the SOC 2 Type 2 audit demonstrates Xerox’s continued commitment to the security of our product and that of our overall security posture.

SOC 2 Type 2 Report for the 2024 time period available are for:

1] SOC 2 Report -: CareAR, XMPie

2] SOC 2 Q2 2024 Bridge Letter -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery, Xerox DocuShare

New Cyber Essentials & Cyber Essentials Plus Certification

Copy link
Compliance

We’re pleased to announce that Xerox UK Ltd. has successfully achieved Cyber Essentials & Cyber Essentials Plus certification for the 2025-2026 period. This certification underscores our commitment to maintaining the standards of cybersecurity, ensuring the protection and integrity of data.

Link:

  1. Cyber Essentials
  2. Cyber Essentials Plus

Regards,
Xerox Cybersecurity

We’re pleased to announce that Xerox UK Ltd. has successfully achieved the Cyber Essentials Plus certification. This certification underscores our commitment to maintaining the standards of cybersecurity, ensuring the protection and integrity of data.

Link:

  1. Cyber Essentials
  2. Cyber Essentials Plus

Regards,
Xerox Cybersecurity

Updated ISO 27001 Reports Available

Copy link
Compliance

Updated ISO 27001:2022 certificate is available for Lexmark, A Subsidiary of Xerox Corporation; Please find the certificate here: Xerox Lexmark

Updated ISO 27001:2022 certificate is available for the following services:

  1. Managed Print Services
  2. Xerox Workplace Cloud
  3. Xerox App Gallery
  4. Go Inspire Group

Updated SOC 3 Reports Available

Copy link
Compliance

Updated SOC 3 Report are available for the following services:

1] SOC 3 Report -: Managed Print Services, Xerox Workplace Cloud, Xerox App Gallery

ENS (Esquema Nacional de Seguridad) Certification for Xerox Spain

Copy link
Compliance

We’re pleased to announce that Xerox Spain has successfully achieved the Esquema Nacional de Seguridad (ENS) Certification.
Please find a more detailed Infromation here ENS

Regards,
Xerox Cybersecurity

If you need help using this Trust Center, please contact us.
Contact support
If you think you may have discovered a vulnerability, please send us a note.
Report issue