About IBM Cloud compliance programs

IBM Cloud® is designed for organizations that want a security-rich, open, hybrid, multicloud and manageable cloud environment.

IBM Cloud compliance and trust certifications reaffirm IBM's commitment to protection of customer data and applications. Designed with secure engineering practices, the IBM Cloud platform features layered security controls across network and infrastructure. Basic security services are included; advanced services are available as options for high-security environments.

These compliance programs and services include IBM Cloud infrastructure and IBM Cloud Platform-as-a-Service (PaaS) offerings:

 

Global US Federal Government Industry Regional
CSA STAR DoD DISA FFIEC BaFin (Germany)
ISO 9001 FedRAMP FISC (Japan) C5 (Germany)
ISO 22301 FFIEC GxP EBA (EU)
ISO 27001 FISMA HIPAA ENISA IAF (EU)
ISO 27017 ITAR HITRUST ENS (Spain)
ISO 27018   ITAR EU Model Clauses
ISO 27701   PCI EU-US Privacy Shield
ISO 31000   SEC Rule 17a-4(f) FERPA (US)
SOC 1     FISC (Japan)
SOC 2     G-Cloud (UK)
SOC 3     GDPR (EU)
      HDS (France)
      IRAP (Australia)
      IT-Grundschutz (Germany)
      K-ISMS (South Korea)
      MTCS (Singapore)
      My Number Act (Japan)
      NIS Directive (EU)
      SCEC (Australia)

 

Resource

The importance of data’s physical location

The physical location of data plays a huge role in how quickly and reliably it can be accessed by users. Learn how a global network foundation minimizes latency and strengthens security.