Certification for Enterprise Cloud
The following will provide an overview of certifications acquired or planned to be acquired for the Enterprise Cloud service.
- ISO 27001 (ISMS)
International standard for information security management systems. This standard systematically organizes standard procedures for establishing a security system to secure information assets and win the trust of stakeholders. ISO is the certification organization. Also known as ISMS (information security management system).
- ISO27017 (Information security controls for cloud services)
Code of practice for information security controls based on ISO27002 for cloud services. ISO27017 also organizes control measures to achieve objectives of information security management that both the customers and NTT Communications as provider of ECL2.0 have.
- ISO 20000 (ITSMS)
International standard for IT service management. This standard systematically organizes standard procedures for establishing a management system to improve the quality and efficiency of IT services. ISO is the certification organization.
- SOC 1
With SOC 1 reports, the commissioned party ensures the commissioning party that internal controls for outsourcing services and other commissioned business conform to standards. National/regional auditing organizations have established the equivalent standards listed below. The auditors are the certification organizations.
- ISAE 3402 – International Standard on Assurance Engagements
International standard for assurance by public accountants that certify the effectiveness of the commissioned company’s internal controls.
- SSAE 18 – Statement on Standards for Attestation Engagements (American standard for assurance engagements)
American Institute of Certified Public Accountants standard compliant with ISAE 3402.
- ASCR 18 report
Auditing standard issued by the Japanese Institute of Certified Public Accountants. This is a report by a JICPA-certified auditor that evaluates the effectiveness of internal controls at the commissioned company. Recognized in Japan by the SOC name.
- PCI DSS (Payment Card Industry Data Security Standard)
Global security standard for the credit industry jointly established by five companies (JCB, AMEX, Discover, MasterCard, and Visa) in September 2006 to safely protect the credit card and transaction information of card holders. PCISSC is the certification organization.
Certification Status for Enterprise Cloud
- Enterprise Cloud 1.0
(Hemel Hempstead 2)
*Yokohama is not available for new order.
**It is not available in new order. Please use PCI DSS option in Enterprise Cloud 2.0. Please contact our sales department for details.
Please refer here for detailed information of Global Data Centers.
- Enterprise Cloud 2.0
(Virginia Ashburn 1 (VA1))
(Hemel Hempstead 2)
|ISO27017 (Information security controls for cloud services)||Y||Y||N/A||Y||Y|
(Hemel Hempstead 3)
(Hong Kong Financial)
|ISO27017 (Information security controls for cloud services)||Y||Y||Y||Y||Y|
*Please refer here for detailed information of Global Data Centers.