ISO/IEC Certifications
SITE Cloud maintains ISO/IEC certifications that customers can use to support their own compliance programs for workloads built on SITE Cloud.
Introduction
The ISO/IEC certification pages document SITE Cloud certifications for information security, cloud security controls, PII protection, and privacy information management.
Note
Customers remain responsible for compliance of their own cloud implementations, internal controls, applications, and workloads.
ISO/IEC 27001
ISO/IEC 27001 specifies requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).
SITE Cloud has achieved ISO/IEC 27001 certification for its ISMS and undergoes independent third-party audits to maintain compliance.
| Topic | Detail |
|---|---|
| Focus | Information security management. |
| Customer use | Supports compliance for customer systems and services built on SITE Cloud. |
| Audit access | Certificate available upon request through SITE Cloud Support Portal. |
ISO/IEC 27017
ISO/IEC 27017 provides guidance on cloud-specific information security controls based on ISO/IEC 27002. It applies to cloud service providers and cloud customers.
SITE Cloud has achieved ISO/IEC 27017 certification for implementation of cloud-specific information security controls.
| Topic | Detail |
|---|---|
| Focus | Cloud service security controls. |
| Customer use | Supports compliance for workloads and data stored on SITE Cloud. |
| Audit access | Certificate available through SITE Cloud Support Portal. |
ISO/IEC 27018
ISO/IEC 27018 provides guidance for cloud service providers on protecting personally identifiable information (PII), based on ISO/IEC 27002 and aligned with privacy principles.
SITE Cloud has achieved ISO/IEC 27018 certification for implementation of privacy controls for PII.
| Topic | Detail |
|---|---|
| Focus | PII protection in cloud services. |
| Customer use | Supports compliance for workloads involving PII stored on SITE Cloud. |
| Audit access | Certificate available through SITE Cloud Support Portal. |
ISO/IEC 27701
ISO/IEC 27701 extends ISO/IEC 27001 for managing personal data privacy through a Privacy Information Management System (PIMS).
SITE Cloud has achieved ISO/IEC 27701 certification for its privacy information management system.
| Topic | Detail |
|---|---|
| Focus | Privacy information management. |
| Customer use | Supports regulatory compliance for workloads involving personal data. |
| Audit access | Certificate available through SITE Cloud Support Portal. |
Scope of Certification
The ISO/IEC certification pages list these in-scope cloud services:
- Cloud Virtual Datacenter (VDC).
- Cloud Disaster Recovery.
- Cloud Managed IT.
- Cloud Managed IT SME.
Audit Certificates
Audit certificates are available to clients through SITE Cloud Support Portal.