Cloud infrastructure - certifications, standards, and regulations
IBM Sterling® Order Management System maintains a comprehensive set of compliance and trust
certifications. The service is designed with secure engineering practices and strong Site Reliability
Engineering (SRE) principles, and these certifications reaffirm IBM's commitment to protecting
customer data and applications.
Security and Compliance
IBM Sterling Order Management System devotes significant time to providing customers with the highest forms of independent assurance for Internal Control over Financial Reporting (ICFR), data protection, and regulatory compliance. Our continued investment in ISO and Service Organization Control (SOC 1 and SOC 2) certifications and attestations is core to our principles of maintaining trust and building confidence for our customers, and of supporting our customers in their internal governance and regulatory oversight processes.
Data Privacy Regulations
IBM’s commitment to Customer Privacy mandates that IBM Sterling Order Management System and related offerings are compliant with the prevalent privacy-related regulations that are announced by various government bodies, for example the General Data Protection Regulation (GDPR) for the European Union and the California Consumer Privacy Act (CCPA) for the State of California.
Brazilian General Data Protection Law - LGPD
Lei Geral de Proteção de Dados (LGPD) creates a legal framework for the use of personal data of individuals in Brazil, regardless of where the data processor is located. It is closely modeled after the European Union's General Data Protection Regulation (GDPR).