Frequently asked questions about ISO/IEC 27001
Frequently asked questions about ISO/IEC 27001
What is ISO/IEC 27001?
ISO/IEC 27001 is a widely used international standard that provides requirements for information security management systems. The core idea is to protect the security and continuity of information security management systems through periodic assessment and management of security risks. Huawei Cloud has earned ISO/IEC 27001 certification, which certifies its ability to provide an ISO/IEC 27001-compliant, secure cloud environment for you.
In addition, Huawei Cloud will implement periodic reviews in accordance with certification requirements to ensure that its ever-evolving cloud environment and services are always protected by industry-leading information security management practices.
Which data centers are covered by Huawei Cloud's ISO/IEC 27001 certification?
The ISO/IEC 27001 certification covers over 40 data centers belonging to Huawei Cloud globally, plus operation and maintenance services for them, including the provision of operation and maintenance services for Huawei Cloud data centers based on third-party IDCs, as well as those for Huawei Cloud's self-built data centers. You can download Huawei Cloud's ISO/IEC 27001 certificate from Compliance Certificates.
Which Huawei Cloud services are covered by ISO/IEC 27001 certification?
The ISO/IEC 27001 certification covers over 150 Huawei Cloud services including, but not limited to, Advanced Anti-DDoS (AAD), Web Application Firewall (WAF), Data Encryption Workshop (DEW), and Database Security Service (DBSS). You can download Huawei Cloud's ISO/IEC 27001 certificate from Compliance Certificates.
If you would like to learn more about our products, please contact us.
Can my organization become ISO/IEC 27001-certified automatically by using Huawei Cloud?
Although Huawei Cloud has earned ISO/IEC 27001 certification and provides you with secure and reliable cloud services on this basis, using services provided by Huawei Cloud does not certify your organization's compliance with ISO/IEC 27001. ISO/IEC 27001 certification requires us to establish, implement, maintain, and continuously improve the information security management system of our organizations based on the ISO/IEC 27001 guidelines, standards, and best practices. To assess your own information system and get your organization certified, you can invite an independent third-party certifying body.