Tencent Cloud Compliance Center
Compliant with various country- and industry-specific requirements, Tencent Cloud is committed to creating secure, reliable, and trustworthy cloud services for our customers.
Global Compliance
Tencent Cloud builds the cloud services in accordance with internationally recognized standards for information security and IT management, thereby providing our customers with cloud services certified by authoritative third-party accrediting agencies.
ISO 27001
Information Security Management Standard
ISO 27017
Code of practice for information security controls
CSA STAR
CSA Security Trust Assurance and Risk (STAR) Program
ISO 20000
Information Technology Service Management Standard
ISO 22301
Business Continuity Management Standard
ISO 9001
Quality Management Systems Standard
SOC 1
Type ⅡReport
SOC 2
Type ⅡReport
SOC 3
Type ⅡReport
Regional and Industry Compliance
Tencent Cloud complies with local information security standards in countries and regions where we provides cloud products and services. In addition, we strives to satisfy industry-specific best practices through audits by third-party assessing agencies and self-assessments.
TISAX
Trusted Information Security Assessment Exchange
![C5 [Germany]](https://main.qcloudimg.com/qcintl-cms/125/1601279841850/4fac89a9620a6ca2d873b71937b1aa58.png)
C5 [Germany]
Cloud Computing Compliance Criteria Catalogue
![OSPAR [Singapore]](https://main.qcloudimg.com/qcintl-cms/125/1598326623466/c48e0ca2bc76aa58f82119712cd34a15.png)
OSPAR [Singapore]
Association of Banks in Singapore’s Outsourced Service Providers Standard
![K-ISMS [Korea]](https://main.qcloudimg.com/qcintl-cms/125/1598255922524/357dfaa0457d0d858ea097f62291c520.png)
K-ISMS [Korea]
Korea-Information Security Management System
HIPAA
Health Insurance Portability and Accountability Act
![MTCS Tier 3 [Singapore]](https://main.qcloudimg.com/qcintl-cms/125/1598256382591/c9a8477c0dac68fbc62bb61b46c22976.png)
MTCS Tier 3 [Singapore]
Multi-Tier Cloud Security Standard
MPAA
Motion Picture Association of America(MPAA) Content Security Model
PCI DSS
Payment Card Industry Data Security Standard
![DJCP [China]](https://main.qcloudimg.com/qcintl-cms/125/1598256898538/ed7cc9946af8a6e2c02ce722bc7e9f7f.jpg)
DJCP [China]
Cybersecurity Multi-Level Protection Scheme (MLPS)
![ITSS [China]](https://main.qcloudimg.com/qcintl-cms/125/1598257086889/59d6c8103ccc9ce38d8826f3252a4586.jpg)
ITSS [China]
Information Technology Service Standards
![TRUSTED CLOUD [China]](https://main.qcloudimg.com/qcintl-cms/125/1598257154047/27c75beab024850ac6e0af03479c6557.jpg)
TRUSTED CLOUD [China]
Trusted Cloud Service Certification
NIST CSF
Certification based on Cybersecurity framework of National Institute of Standards and Technology (NIST)
IT Compliance Audit in Indonesian Financial Industry
IT compliance audit based on Indonesian financial regulations
IT Compliance Audit in Malaysian Financial Industry
IT compliance audit based on Malaysian financial regulations
![FISC [Japan]](https://cloudcache.intl.tencent-cloud.com/cms/backend-cms/SQYS574_FISC.png)
FISC [Japan]
The center for Financial Industry Information Systems
Personal Information Protection
Tencent Cloud is committed to protecting the personal information of each customer and user by building a comprehensive personal information management system and taking various technical measures.
ISO 27701
Privacy Information Management Requirements and Guidelines
ISO 27018
Code of Practice for Protection of Personally Identifiable Information (PII) in Public Clouds
ISO 29151
Code of Practice for Personally Identifiable Information Protection
BS 10012
Requirements of personal information management system published by BSI
CISPE
Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct
Security Whitepaper
The Tencent Cloud Security White Paper explores Tencent Cloud's security practices in multiple aspects and provides best practices and security solutions for the secure use of Tencent Cloud products.
Compliance Support
Tencent Cloud provides customers with compliance reports issued by third-party auditors who test and verify our compliance with global, regional, and industry-specific security standards and regulations. If you need a compliance report, please contact us.