{
  "docId": "019dd923-5efe-75c0-8dff-48e10af8a9a6",
  "docSlug": "27f56e392d468998",
  "documentTitle": "2025 ESG Report",
  "authorId": "Asana",
  "authorName": "Asana",
  "documentKindSlug": "consulting-deck",
  "documentKindLabel": "Consulting deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "landscape",
  "aspectRatio": 1.776,
  "pageNumber": 38,
  "pageCount": 59,
  "prevPage": 37,
  "nextPage": 39,
  "slideType": "other",
  "function": "present_solution",
  "density": "dense",
  "nDataPoints": 0,
  "notes": "The slide uses a grid of cards to present security measures.",
  "elementsJson": [
    "headline_text",
    "paragraph",
    "bullet_list",
    "icon_grid"
  ],
  "metadataConfidence": 1,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5efe-75c0-8dff-48e10af8a9a6/38",
  "deckHref": "/decks/019dd923-5efe-75c0-8dff-48e10af8a9a6",
  "deckJsonHref": "/decks/019dd923-5efe-75c0-8dff-48e10af8a9a6.json",
  "deckAnchorHref": "/decks/019dd923-5efe-75c0-8dff-48e10af8a9a6#slide-38",
  "components": [
    {
      "bbox": {
        "h": 0.15,
        "w": 0.13,
        "x": 0.23,
        "y": 0.307
      },
      "kind": "callout",
      "text": "Security safeguards",
      "attrs": null,
      "subkind": "primary",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "4a734e76-f79a-41f9-b333-0d2bf10dde95",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": null,
      "kind": "callout",
      "text": "We maintain a global privacy and security program designed to ensure Asana remains a name our customers love, value, and, above all, trust.",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd952-8f6d-7270-a7a5-ce6d0c6e30d0",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.64,
        "w": 0.56,
        "x": 0.41,
        "y": 0.282
      },
      "kind": "list",
      "text": "SOC 2 Type 2 audits, ISO 27001:2022 and ISO 27017:2015 certifications, Encryption, Security and Privacy Awareness training, Regular security assessments, Incident response program, Data Security Standards",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "34f7c4f3-54a4-497c-9e79-f96cc89c892b",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.12,
        "w": 0.2,
        "x": 0.03,
        "y": 0.29
      },
      "kind": "paragraph",
      "text": "We maintain a global privacy and security program designed to ensure Asana remains a name our customers love, value, and, above all, trust.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "17cce1f9-3401-43cd-adcf-7397200a0878",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.35,
        "w": 0.2,
        "x": 0.03,
        "y": 0.52
      },
      "kind": "paragraph",
      "text": "Our approach to security\nWe endeavor to earn and maintain customer trust through implementing robust measures that protect our customers' data. The Asana head of security is responsible for our security program, which comprises the following teams of security engineers and analysts:\n• Infrastructure security\n• Product security\n• Corporate security\n• Security risk and compliance\nThe head of security presents regularly to the Board. Asana maintains a list of owners for each area of responsibility and security control.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "ccf2daf5-7022-4983-8f18-d3ba97769dd4",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.07,
        "w": 0.33,
        "x": 0.03,
        "y": 0.11
      },
      "kind": "title",
      "text": "Privacy and security",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "2291b8b9-0f1d-4a6c-890e-2e18755ec54b",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [],
  "frameworks": [],
  "arcBeats": [
    {
      "to": 40,
      "from": 10,
      "beatId": "019dd95a-07a7-7579-bd63-7d61f5ebffb7",
      "arcName": "The Golden Circle",
      "arcSlug": "golden-circle",
      "beatName": "How",
      "beatSlug": "golden-circle-how",
      "evidence": "Four pillars in action: People, Product, Planet, Trust & Governance.",
      "position": 2,
      "confidence": 70,
      "parentBeatName": "Turn",
      "parentBeatSlug": "turn"
    }
  ],
  "loops": [
    {
      "to": 40,
      "from": 34,
      "name": "Mece Breakdown",
      "slug": "40-mece-breakdown",
      "bestFor": "Problem structuring, ensuring completeness, strategic analysis",
      "matchId": "019dd95a-08f8-7619-ac2c-be5f95562317",
      "evidence": "Divider p.34 then 6 distinct, non-overlapping governance sub-themes p.35-40.",
      "position": 5,
      "objective": "Decompose Trust & Governance into ethics, risk, supply chain, privacy, data governance",
      "structure": "The Whole -> Category A (distinct) -> Category B (distinct) -> Category C (distinct) -> Complete Coverage",
      "confidence": 70,
      "description": "Divide a complex topic into mutually exclusive, collectively exhaustive categories"
    }
  ],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}