Software Escrow Compliance & Due Diligence Guide

Submit your due diligence request

Send your compliance questionnaire or documentation request through to your Codekeeper sales or customer success contact.

Action checklist:

Submit due diligence questionnaires with clear requirements

Specify any portal access needs or formatting preferences (e.g., OneTrust, Whistic)

Helpful links: Trust Center, General terms and conditions, Sales contact, Support contact

Sign an NDA for full documentation access

If your request includes sensitive security information, we’ll ask for a signed NDA before sharing these materials. Once in place, we can provide comprehensive documentation, including our security assurance reports, ISMS summaries, information security policies, and specialized compliance artifacts.

Action checklist:

Submit your NDA promptly

Helpful links: Trust Center

Respond to clarification requests to avoid delays

Confirm documentation scope meets your organization’s needs

Review completed compliance docs

Once your documents are ready, we’ll send everything through secure channels and handle any follow-up questions.

Action checklist:

Review documents internally

Flag any missing or unclear details

Coordinate follow-ups with your Codekeeper contact

Helpful links: Sales contact, Support contact

Our key responsibilities

1. Complete your due diligence questionnaires.

2. Provide comprehensive compliance documentation.

3. Coordinate with our technical teams for specialized information when needed.

4. Respond to follow-up questions and requests for additional documentation.

Build required software resilience with Codekeeper

Codekeeper helps you meet resilience and third-party risk requirements in frameworks like ISO 27001, SOC 2, GDPR, HIPAA, DORA, and NIS2. Use our escrow solutions and software resilience certificates to prepare for audits, respond to vendor risk assessments, and demonstrate regulatory readiness.