International

  • ISO 27001

    Widely accepted standard that specifies requirements for information security system management

  • ISO 27017

    International certification for cloud computing information security

  • ISO 27018

    International code of conduct that focuses on personal data protection on cloud

  • TL 9000 & ISO 9001

    Certification standards for quality management system

  • ISO 20000-1

    International standard for information technology service management system

  • ISO 22301

    International standard for business continuity management systems

  • CSA STAR gold certification

    International certification for different levels of cloud security

  • ISO 27701

    Guidance for privacy information management

  • BS 10012

    Best practice framework aligned to the principles of the EU GDPR

  • ISO 29151

    Standards identified by privacy risk and impact assessment

  • PCI DSS

    Global security standard of the payment card industry

  • PCI 3DS

    Financial industry certification for protecting the 3DS environment

  • ISO 27799

    Healthcare industry standard on personal health information protection

  • ISO 27034

    Standard that focuses on establishing processes and frameworks for secure software programs.

  • SOC 1 Type II Report

    Independent audit reports on service providers' security controls

  • SOC 2 Type II Report

    Internal security controls of Huawei Cloud service system

  • SOC 3 Report

    Part of the SOC 2 report available to the public upon application

National/Regional

  • [Germany] C5

    Highly recognized high-level security standard for cloud service providers

  • [Germany] TISAX

    Security standard for information security assessment and data exchange in the automotive industry

  • [Singapore] OSPAR

    Guidelines on the objectives and process of controlling outsourcing service providers

  • [Singapore] MTCS Tier 3

    Highest level of Singapore Multi-Tier Cloud Security (MTCS) on cloud computing

  • [China] DJCP

    General security standard issued by China's Ministry of Public Security (MPS)

  • [China] Cloud Computing Service Security Assessment by CAC

    Security assessment on cloud platforms that provide services for party and government organs and critical IT infrastructure operators

  • [China] ITSS Cloud Computing Service Capability Evaluation by MIIT

    Cloud computing service capability assessment based on the Chinese national standards such as General Requirements for Cloud Computing Cloud Service Operation

  • [China] Trusted Cloud Service (TRUCS)

    One of the most authoritative assessments run by the Data Center Alliance (DCA) and the China Academy of Information and Communications Technology (CAICT).

  • [China] TRUCS Gold O&M Assessment

    A special assessment of the O&M capabilities of cloud service providers. It recognizes that HUAWEI CLOUD has a sound, fully featured O&M management system for authoritative cloud service operations and maintenance assurance in China.

  • [China] Certification for the Capability of Protecting Cloud Service User Data

    User data security evaluation for cloud services. Key metrics include pre-event prevention, in-event protection, and post-event tracing.

  • [Hong Kong,China] SRAA

    Huawei Cloud has engaged an independent audit organization to conduct an ISAE 3000 audit of its cloud service controls, meeting the SRAA security requirements of the Hong Kong SAR government.

  • ENS (Esquema Nacional de Seguridad)

    Mandatory law for companies in the public sector and their technology suppliers

  • [Indonesia] Indonesia Financial Industry ISAE 3000 Audit Report

    Independent ISAE 3000 audit report that HUAWEI CLOUD complies with information security standards in Indonesia's financial industry

  • Singapore Cyber Trust Mark

    Singapore Cyber Trust Mark is a cybersecurity certification for organizations with more extensive digitalized business operations.

  • EU Cloud CoC

    The EU Cloud Code of Conduct (CoC) is an EDPB endorsed and legally operational transnational code of conduct that provides explicit guidance for cloud service providers to effectively incorporate the obligations specified in GDPR Article 28-Processor.

Other

  • [US] NIST Cybersecurity Framework

    Cyber security framework based on the classic IPDRR capability model

  • [US] MPA

    Best Practices for Media Content Protection

Huawei Cloud Privacy Certifications

  • ISO 27018

    ISO 27018 is the first international code of conduct that focuses on personal data protection on cloud. This certification indicates that HUAWEI CLOUD has a complete system for the protection of personal data and leads the industry in data security management.

  • ISO 27701

    ISO 27701 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to 27001 and 27002 for privacy management within the context of the organization.

  • ISO 29151

    ISO 29151 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).

  • BS 10012

    BS 10012 provides a best practice framework for a personal information management system that is aligned to the principles of the EU GDPR. It outlines the core requirements organizations need to consider when collecting, storing, processing, retaining or disposing of personal records.

  • ISO 27799

    The 27799 standard provides guidance for the healthcare industry and its associated agencies on how to better protect the confidentiality, integrity, auditability and availability of personal health information.

Regulatory requirements related to data protection and industry security in each country/region, Huawei Cloud compliance status, and regional and international compliance resources

Terms & Conditions
  • Kenya

  • Nigeria

  • South Africa

  • Saudi Arabia

  • Egypt

  • Argentina

  • Brazil

  • Chile

  • Peru

  • Mexico

  • Colombia

Industry-specific regulatory requirements in each country/region, Huawei Cloud compliance status, and compliance resources

Terms & Conditions

Industry-specific Guidance