New services available in 2021 have completed their ISO27K audits.

IBM Cloud PaaS offerings that recently achieved ISO27K certification include the following:

• IBM Cloud Activity Tracker event routing
• IBM Cloud App Configuration
• IBM Cloud Block Storage Snapshots for VPC
• IBM Cloud Code Engine
• IBM Cloud Event Notifications
• IBM Cloud for Education
• IBM Cloud Secrets Manager

ISO27K certification illustrates IBM’s continuing commitment to privacy, security and compliance. View the current ISO27K certificates and product list for hundreds of IBM PaaS and SaaS products, including the newly audited Public Cloud services listed above:

• ISO 27001 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
• ISO 27017 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
• ISO 27018 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
• ISO 27701 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
• ISO 27001 / 27017 / 27018 / 27701 – IBM Enterprise & Technology Security (PaaS and SaaS) certified product listing

All of the IBM services in the certified product listing are also in scope for the IBM Cloud Services Cloud Security Alliance (CSA) Security, Trust, Assurance and Risk (STAR) Consensus Assessments Initiative Questionnaire (CAIQ) Level 1 (Self-Assessment), published on the CSA STAR Registry.

Learn more

• ISO/IEC 27001:2013: Information technology — Security techniques — Information security management systems — Requirements 
• ISO/IEC 27017:2015: Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services 
• ISO/IEC 27018:2019: Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 
• ISO/IEC 27701:2019: Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines 
• CSA STAR