This manual outlines the Information Security Management System (ISMS) at Sourcegraph, focusing on the security policies, procedures, and controls in place to safeguard the organization's information assets. The purpose of this document is to demonstrate Sourcegraph’s commitment to information security, ensuring compliance with ISO 27001 standards, and providing a framework for continual improvement.
Policies within this manual are reviewed annually and updated as necessary. A full list of our available policies can be found in our handbook: Security Policies & Procedures.
All ISMS-related policies and procedures are accessible to Sourcegraph employees via our handbook.
These documents are “Mandatory” and any / all deviations are to be agreed with the relevant Policy Owner / ISMS Manager. They will decide if the deviation is a “one-off” and / or the ISMS documentation set is to be updated.
A Document Control table is maintained by the Security Team in Notion, tracking document versions, owners, and review dates.
Sourcegraph is a leader in code search and intelligence tools. Its core mission is to empower developers with the tools to understand, navigate, and improve large codebases. Sourcegraph operates in a globally distributed manner, with employees and clients across multiple regions, emphasizing the importance of strong, consistent information security practices.