By Aly Farooqui Tina Belani Bhushan Kelewadikar 2 min read
May 23, 2023

IBM Cloud completed its 2023 independent review of IBM Cloud services and processes. The review report demonstrates to its clients, partners and other interested parties that IBM Cloud services have implemented and adhere to the technical, administrative and physical control requirements of IBM Cloud Framework for Financial Services.

What is the IBM Cloud Framework for Financial Services?

IBM Cloud for Financial Services® is designed to build trust and enable a transparent public cloud ecosystem with features for security, compliance and resiliency that are required by financial institutions. Financial institutions can confidently host their mission-critical applications on our cloud, enabling faster and more secure transactions.

At the core of our cloud is the IBM Cloud Framework for Financial Services™, a comprehensive set of control requirements spanning 7 Focus Areas and 21 Control Families, designed by the industry to help address security requirements and regulatory compliance obligations of financial institutions.

What is the Agreed-Upon Procedures report?

As IBM Cloud services are onboarded to IBM Cloud for Financial Services®, IBM conducts a rigorous validation assuring that services meet IBM Cloud Framework for Financial Services technical, administrative and physical controls requirements.

IBM engages a third-party professional services firm to complete an independent review of IBM Cloud services and processes against the Agreed-Upon Procedures (AUP). The IBM Cloud for Financial Services AUP Report is issued by a big four public accounting firm in accordance with the American Institute of Certified Public Accountants (AICPA).

The report addresses controls for all Focus Areas of the IBM Cloud Framework for Financial Services, including the following:

  • Active Monitoring & Response
  • Advanced Data Protection
  • Automated Application & Workload Protection
  • Enhanced Authentication & Access Management
  • Focused Risk Management & Compliance
  • Operational Excellence
  • Unified Infrastructure Security & Resilience

Within each focus area, there are multiple control families and controls, and the report provides details on control descriptions, procedures performed and results.

The report demonstrates to IBM Cloud for Financial Services clients that IBM Cloud services have been implemented against, and adhere to, the IBM Cloud Framework for Financial Services technical, administrative and physical control requirements.

In 2023, IBM Cloud expanded the AUP to include additional locations and services that articulate our commitment to expand our portfolio of compliance across IBM Cloud. The AUP report is available to clients for their internal risk management practices and for demonstrating due diligence and oversight of their cloud service providers to their regulators.

Contact your IBM account team to obtain a copy of the AUP report.

In addition to this report, IBM Cloud compliance and trust certifications further affirm IBM’s commitment to the protection of customer data and applications.

Learn more

Learn more about IBM Cloud® compliance programs Learn more about IBM Cloud for Financial Services®

Categories

Announcements  |  Cloud  |  Cybersecurity  | 

Tags

 |  | 
Aly Farooqui
Chief Risk Officer, Cloud for Financial Services
Tina Belani
IBM Cloud Compliance Program Director
Bhushan Kelewadikar
IBM Cloud Compliance Product Manager

More from Announcements
September 21, 2023

IBM TechXchange underscores the importance of AI skilling and partner innovation

3 min read - Generative AI and large language models are poised to impact how we all access and use information. But as organizations race to adopt these new technologies for business, it requires a global ecosystem of partners with industry expertise to identify the right enterprise use-cases for AI and the technical skills to implement the technology. During TechXchange, IBM's premier technical learning event in Las Vegas last week, IBM Partner Plus members including our Strategic Partners, resellers, software vendors, distributors and service…

August 29, 2023

Introducing Inspiring Voices, a podcast exploring the impactful journeys of great leaders

< 1 min read - Learning about other people's careers, life challenges, and successes is a true source of inspiration that can impact our own ambitions as well as life and business choices in great ways. Brought to you by the Executive Search and Integration team at IBM, the Inspiring Voices podcast will showcase great leaders, taking you inside their personal stories about life, career choices and how to make an impact. In this first episode, host David Jones, Executive Search Lead at IBM, brings…

August 18, 2023

IBM watsonx Assistant and NICE CXone combine capabilities for a new chapter in CCaaS

5 min read - In an age of instant everything, ensuring a positive customer experience has become a top priority for enterprises. When one third of customers (32%) say they will walk away from a brand they love after just one bad experience (source: PWC), organizations are now applying massive investments to this experience, particularly with their live agents and contact centers.  For many enterprises, that investment includes modernizing their call centers by moving to cloud-based Contact Center as a Service (CCaaS) platforms. CCaaS solutions…

August 2, 2023

See what’s new in SingleStoreDB with IBM 8.0

3 min read - Despite decades of progress in database systems, builders have compromised on at least one of the following: speed, reliability, or ease. They have two options: one, they could get a document database that is fast and easy, but can’t be relied on for mission-critical transactional applications. Or two, they could rely on a cloud data warehouse that is easy to set up, but only allows lagging analytics. Even then, each solution lacks something, forcing builders to deploy other databases for…