As the United Kingdom (UK) Government and public sector entities continue to modernize and embrace cloud workloads, IBM is delighted to announce the achievement of the Police-Assured Secure Facilities (PASF) accreditation. PASF is a program administered by the UK Police Digital Service (PDS), with the primary objective of ensuring the security of cloud computing facilities for UK law enforcement workloads and data.

PASF is based on a standard set of controls covering physical and environmental security and processes like high availability, staff training, and onboarding and offboarding procedures. The rigorous assessment includes an audit of published compliance documentation, a physical inspection of the IBM Cloud data centers and interviews with key members of staff to assess and review potential risks and their mitigations.

IBM Cloud has successfully met the PASF procedural and physical security requirements for Official-Sensitive data. This comprehensive assessment included physical, environmental and availability controls of IT facilities holding law enforcement information.

By engaging with a PASF-accredited Cloud Service Provider (CSP), police forces and other government agencies can be assured that the CSP has implemented a comprehensive security program that is regularly audited.

IBM Cloud services in scope

IBM Cloud services in the London Multi-Zone Region (MZR) data centers (LON04, LON05 and LON06) comply with PASF requirements for holding and processing Official-Sensitive data as audited by the UK PDS.

Reports and other documentation

Police and law enforcement agencies in the UK may contact the Police Digital Services to obtain the IBM Cloud PASF report.