ISO/IEC 27034

ISO/IEC 27034

Standard that focuses on establishing processes and frameworks for secure software programs

Standard that focuses on establishing processes and frameworks for secure software programs

Frequently asked questions about ISO/IEC 27034

Frequently asked questions about ISO/IEC 27034

What is  ISO/IEC 27034?

ISO/IEC 27034 is the first ISO standard for secure programs and frameworks. It clearly defines risks in application systems and provides guidance to assist organizations in integrating security into their processes. ISO/IEC 27034 provides a way for organizations to verify their own product security and make security a competitive edge. This standard also outlines a compliance framework at the application layer for global cloud service providers, promoting the security of the R&D process, applications, and the cloud. Huawei Cloud is the world's first cloud service provider to obtain ISO/IEC 27034 certification. This marks a big step forward for Huawei Cloud governance and compliance. 

In addition, Huawei Cloud will implement periodic reviews in accordance with certification requirements to ensure that its ever-evolving cloud environment and services are always protected by industry-leading security management practices.

Which data centers are covered by Huawei Cloud's ISO/IEC 27034 certification?

The ISO/IEC 27034 certification covers over 40 data centers belonging to Huawei Cloud globally, plus operation and maintenance services for them, including the provision of operation and maintenance services for Huawei Cloud data centers based on third-party IDCs, as well as those for Huawei Cloud's self-built data centers. You can download Huawei Cloud's ISO/IEC 27034 certificate from Compliance Certificates.

Which Huawei Cloud services are covered by ISO/IEC 27034 certification?

The ISO/IEC 27034 certification covers over 150 Huawei Cloud services including, but not limited to, Advanced Anti-DDoS (AAD), Web Application Firewall (WAF), Data Encryption Workshop (DEW), and Database Security Service (DBSS). You can download Huawei Cloud's ISO/IEC 27034 certificate from Compliance Certificates.

If you would like to learn more about our products, please contact us.

Am I Compliant with ISO/IEC 27034 if I use Huawei Cloud?

Although Huawei Cloud has earned ISO/IEC 27034 certification and provides you with secure and reliable cloud services, using services provided by Huawei Cloud does not ensure your organization's compliance with ISO/IEC 27034. ISO/IEC 27034 certification requires us to establish, implement, maintain, and continuously improve the privacy protection management system of our organizations based on the ISO/IEC 27034 guidance standards and best practices. To assess your own information system and get your organization certified, you can invite an independent third-party certifying body.