Sample Attestation
Below is an example of what a CodeGRC Audit Attestation looks like. Actual certificates contain project-specific details visible only to the certificate holder.
What the attestation means
A CodeGRC Audit Attestation confirms that the reviewed scope was assessed against the stated standard at the time of audit. It indicates that identified issues were remediated and retested before certificate issuance.
The attestation does not guarantee the absence of all vulnerabilities, nor does it constitute a statutory certification or compliance guarantee. It represents an independent professional opinion based on manual review.
Public vs. private information
The public verification endpoint confirms only: certificate status, issued/expiry dates, and fingerprint. Project name, repository URL, findings, and customer details are never exposed through public verification.