Certification for Enterprise Cloud

Certification overviews

The following will provide an overview of certifications acquired or planned to be acquired for the Enterprise Cloud service.

 

  • ISO 27001 (ISMS)

International standard for information security management systems. This standard systematically organizes standard procedures for establishing a security system to secure information assets and win the trust of stakeholders. ISO is the certification organization. Also known as ISMS (information security management system).

  • ISO27017 (Information security controls for cloud services)

Code of practice for information security controls based on ISO27002 for cloud services. ISO27017 also organizes control measures to achieve objectives of information security management that both the customers and NTT Communications as provider of ECL2.0 have.

  • ISO 20000 (ITSMS)

International standard for IT service management. This standard systematically organizes standard procedures for establishing a management system to improve the quality and efficiency of IT services. ISO is the certification organization.

 

  • SOC 1

With SOC 1 reports, the commissioned party ensures the commissioning party that internal controls for outsourcing services and other commissioned business conform to standards. National/regional auditing organizations have established the equivalent standards listed below. The auditors are the certification organizations.

 

  • ISAE 3402 – International Standard on Assurance Engagements

International standard for assurance by public accountants that certify the effectiveness of the commissioned company’s internal controls.

  • SSAE 18 – Statement on Standards for Attestation Engagements (American standard for assurance engagements)

American Institute of Certified Public Accountants standard compliant with ISAE 3402.

  • ASCR 18 report

Auditing standard issued by the Japanese Institute of Certified Public Accountants. This is a report by a JICPA-certified auditor that evaluates the effectiveness of internal controls at the commissioned company. Recognized in Japan by the SOC name.

 

  • PCI DSS (Payment Card Industry Data Security Standard)

Global security standard for the credit industry jointly established by five companies (JCB, AMEX, Discover, MasterCard, and Visa) in September 2006 to safely protect the credit card and transaction information of card holders. PCISSC is the certification organization.

 

Certification Status for Enterprise Cloud

  • Enterprise Cloud 1.0
Certification/DCJP

(Yokohama No.1)*

JP

(Saitama No.1)

JP

(Kansai1)

US

(Lundy)

US

(Sterling)

UK

(Hemel Hempstead 2)

DE

(Frankfurt 2)

ISO 27001(ISMS)YYYYYYY
ISO 2000(ITSMS)YYYYYYY
SOC1YYYYYYY
PCI DSSN/AY**N/AN/AN/AN/AN/A

 

Certification/DCFR

(Paris 2)

ES

(Madrid 2)

SG

(Serangoon)

HK

(Tai Po)

MY

(Cyberjaya 3)

TH

(Bangna)

AU

(Sydney 1)

ISO 27001(ISMS)YYYYYYY
ISO 2000(ITSMS)YYYYYYY
SOC1YYYYN/AN/AY
PCI DSSN/AN/AN/AN/AN/AN/AN/A

*Yokohama is not available for new order.

**It is not available in new order. Please use PCI DSS option in Enterprise Cloud 2.0. Please contact our sales department for details.

Please refer here for detailed information of Global Data Centers.

 

  • Enterprise Cloud 2.0
Notification/Region

(DC)

JP1

(Saitama No.1)

JP2

(Osaka No.5)

JP5

(Tokyo No.2)

US1

(Virginia Ashburn 1 (VA1))

UK1

(Hemel Hempstead 2)

ISO 27001(ISMS)Y YN/AYY
 ISO27017 (Information security controls for cloud services) YYN/AYY
ISO 20000(ITSMS)YYN/AYY
SOC1YYN/AYY
PCI DSSYYN/AYY
Notification/Region

(DC)

UK1

(Hemel Hempstead 3)

DE1

(Frankfurt 1)

SG1

(Serangoon)

HK1

(Hong Kong Financial)

AU1

(Sydney 1)

ISO 27001(ISMS)YYYYY
 ISO27017 (Information security controls for cloud services)YYYYY
ISO 20000(ITSMS)YYYYY
SOC1YYYYY
PCI DSSYYYYY

*Please refer here for detailed information of Global Data Centers.