Aspera on Cloud (AOC) managed services are certified, when provisioned on IBM Cloud™, under the International Organization for Standardization (ISO) 27001 and 27002 standards, which define the best practices for information security management processes. The ISO 27001:2013 standard specifies the requirements for establishing, implementing, and documenting Information Security Management Systems (ISMS) controls. The IBM program has structured the ISMS according to these guidelines, using controls from the NIST SP 800-53 controls set.
AOC managed services are audited by a third-party security firm and meets all of the requirements for ISO 27001:2013 certification. See: IBM Cloud ISO 27001:2013 Certificate of Registration.