Compliance Standards supported by Azure
From the Azure Boarding Guide for IT organizations (PDF) - Azure meets a broad set of international as well as regional and industry-specific compliance standards. Azure’s adherence to the strict security controls contained in these standards is verified by rigorous third-party audits that demonstrate Azure services work with and meet world-class industry standards, certifications, attestations, and authorizations.
Microsoft Azure offers the following certifications for all in-scope services:
* Content Delivery and Security Association (CDSA)
* Criminal Justice Information Services (CJIS)
* Cloud Security Alliance (CSA) Cloud Controls Matrix
* EU Model Clauses
* US Food and Drug Administration (FDA) Code of Federal Regulations (CFR) Title 21 P 11
* Federal Risk and Authorization Management Program (FedRAMP)
* Family Educational Rights and Privacy Act (FERPA)
* Federal Information Processing Standard (FIPS) Publication 140-2
* Health Insurance Portability and Accountability Act (HIPAA)
* Life Sciences GxP
* Information Security Registered Assessors Program (IRAP)
* ISO/IEC 27018
* ISO/IEC 27001/27002:2013
* Multi-Level Protection Scheme (MLPS)
* Multi-Tier Cloud Security Standard for Singapore (MTCS SS)
* Payment Card Industry (PCI) Data Security Standards (DSS)
* Service Organization Control (SOC) reporting framework for both SOC 1 Type 2 and SOC 2 Type 2.
* Trusted Cloud Service certification developed by the China Cloud Computing Promotion and Policy Forum (CCCPPF)
* UK Government G-Cloud
* European Union Model Clause
* China Multi Layer Protection Scheme
* Singapore Multi-Tier Cloud Security
* Australian Signals Directorate I-RAP Assessment
Microsoft Azure offers the following certifications for all in-scope services:
* Content Delivery and Security Association (CDSA)
* Criminal Justice Information Services (CJIS)
* Cloud Security Alliance (CSA) Cloud Controls Matrix
* EU Model Clauses
* US Food and Drug Administration (FDA) Code of Federal Regulations (CFR) Title 21 P 11
* Federal Risk and Authorization Management Program (FedRAMP)
* Family Educational Rights and Privacy Act (FERPA)
* Federal Information Processing Standard (FIPS) Publication 140-2
* Health Insurance Portability and Accountability Act (HIPAA)
* Life Sciences GxP
* Information Security Registered Assessors Program (IRAP)
* ISO/IEC 27018
* ISO/IEC 27001/27002:2013
* Multi-Level Protection Scheme (MLPS)
* Multi-Tier Cloud Security Standard for Singapore (MTCS SS)
* Payment Card Industry (PCI) Data Security Standards (DSS)
* Service Organization Control (SOC) reporting framework for both SOC 1 Type 2 and SOC 2 Type 2.
* Trusted Cloud Service certification developed by the China Cloud Computing Promotion and Policy Forum (CCCPPF)
* UK Government G-Cloud
* European Union Model Clause
* China Multi Layer Protection Scheme
* Singapore Multi-Tier Cloud Security
* Australian Signals Directorate I-RAP Assessment
Comments
Post a Comment