服务组织控制 (SOC) 报告是由美国注册会计师协会 (AICPA) 认证评估员发布的独立第三方报告,旨在解决与外包服务相关的风险。AICPA 已针对安全性、可用性、处理完整性、机密性和隐私建立了信任服务标准 (TSC),服务组织可据此进行评估。
SOC 2 报告评估组织为保护客户自有数据而实施的内部控制,并提供有关这些内部控制性质的详细信息。
报告和其他文档
请联系 IBM 代表 ,索取 IBM® 公共云(基础架构、VPC 和 PaaS)SOC 2 报告。
可以为已根据选定的信任服务原则实施控制的 IBM 服务提供 SOC 2 报告。SOC 2 报告表明,IBM 已针对选定的信任服务原则适当地设计了控制措施,并且这些控制措施在报告期内有效运作。
下面列出的服务有可用的 SOC 2 类型 2 报告,代表评估控制的时间段。由于此类报告代表过去的评估期,因此 SOC 2 类型 2 报告可能会附有过渡函,其中 IBM 证明自上一个报告期结束以来服务控制的持续表现。
IBM 服务描述 (SD) 指示给定产品是否保持 SOC 2 类型 2 合规性状态。以下服务每年至少发布一次 SOC 2 类型 2 报告。
服务
- IBM Cloud Activity Tracker (via Mezmo)
- IBM Cloud App ID
- IBM Cloud App Service
- IBM Cloud Backup
- IBM Cloud Backup for VPC
- IBM Cloud Bare Metal
- IBM Cloud Block Storage
- IBM Cloud Block Storage for Virtual Private Cloud
- IBM Cloud Block Storage Snapshots for Virtual Private Cloud
- IBM Cloud Code Engine
- IBM Cloud Container Registry
- IBM Cloud Continuous Delivery
- IBM Cloud Databases for DataStax
- IBM Cloud Databases for Elasticsearch
- IBM Cloud Databases for EnterpriseDB
- IBM Cloud Databases for etcd
- IBM Cloud Databases for MongoDB
- IBM Cloud Databases for MySQL
- IBM Cloud Databases for PostgreSQL
- IBM Cloud Databases for Redis
- IBM Cloud Direct Link(1.0;Connect、Dedicated、Dedicated Hosting、Exchange)
- IBM Cloud Direct Link Connect (2.0)
- IBM Cloud Direct Link Dedicated (2.0)
- IBM Cloud DNS Services
- IBM Cloud File Storage
- IBM Cloud Flow Logs for VPC
- IBM Cloud Functions
- IBM Cloud for VMware Solutions (Dedicated)
- IBM Cloud for VMware Solutions Shared
- IBM Cloud Foundry Public
- IBM Cloud Hardware Security Module
- IBM Cloud Internet Services Enterprise Package (via Cloudflare)
- IBM Cloud Internet Services Enterprise Usage Package (via Cloudflare)
- IBM Cloud Internet Services Standard (via Cloudflare)
- IBM CloudCloud Kubernetes Service and Red Hat® OpenShift® on IBM Cloud
- IBM Cloud Load Balancer
- IBM Cloud Messages for RabbitMQ
- IBM Cloud Monitoring (via Sysdig)
- IBM Cloud Object Storage
- IBM Cloud Object Storage (IaaS)
- IBM Cloud Platform – Core Services:BSS、IBM Cloud Catalog、IBM Cloud Global Search & Tagging、IBM Cloud Console、IBM Cloud Identity and Access Management 和 IBM Cloud Shell
- IBM Cloud Satellite
- IBM Cloud Schematics
- IBM Cloud Secrets Manager
- IBM Cloud Security and Compliance Center
- IBM Cloud Transit Gateway
- IBM Cloud Virtual Private Cloud
- IBM Cloud Virtual Private Cloud - Load Balancer for VPC:应用程序负载均衡器和网络负载均衡器
- IBM Cloud Virtual Private Cloud - VPN for VPC 站点到站点网关
- IBM Cloud Virtual Private Endpoint for VPC
- IBM Cloud Virtual Server for VPC
- IBM Cloud Virtual Server for VPC - Auto Scale for VPC
- IBM Cloud Virtual Server for VPC - VPC 专用主机
- IBM Cloud Virtual Servers
- IBM Cloudant Dedicated Cluster
- IBM Cloudant for IBM Cloud
- IBM Event Streams for IBM Cloud (Standard)
- IBM Event Streams for IBM Cloud (Enterprise)
- IBM Key Protect for IBM Cloud
- IBM Log Analysis (via Mezmo)
- IPSec VPN
- SAP-Certified Cloud Infrastructure