All Products
Search

This Product

    Platform For AI:Security compliance qualifications

    Document Center

    Platform For AI:Security compliance qualifications

    Last Updated:Feb 06, 2024

    To ensure data security and regulatory compliance when you use Platform for AI (PAI), Alibaba Cloud adheres to the most stringent security compliance standards. This topic describes the security compliance qualifications that PAI acquired and their significance for the protection of your business and data.

    Compliance qualification

    Scope

    Description

    ISO 27018

    International

    This standard provides guidelines for cloud service providers on how to protect personal data in the cloud.

    ISO 27701

    International

    This standard is an extension of ISO 27001 and specifies the privacy information management requirements for all types and sizes of organizations.

    ISO 27799

    International

    This standard provides guidelines for healthcare providers on how to protect personal health information.

    ISO 29151

    International

    This standard provides guidelines on how to protect personally identifiable information (PII).

    ISO 9001

    International

    This standard specifies the quality management system requirements for all types and sizes of organizations to ensure the continuous improvement of product or service quality.

    ISO 20000

    International

    This standard helps organizations improve IT services to meet customer needs.

    ISO 22301

    International

    This standard specifies business continuity management requirements to help organizations recover from disruptive incidents.

    ISO 27001

    International

    This standard specifies information security management requirements to secure information assets.

    ISO 27017

    International

    This standard provides information security guidelines that are specific to cloud services.

    BS 10012

    International

    This standard specifies requirements regarding data protection and processing for a personal information management system.

    CSA STAR

    International

    Security, Trust & Assurance Registry (STAR) is a program that is provided by the Cloud Security Alliance (CSA) to assess the security practices and privacy controls of cloud service providers.

    MLPS Level 3

    China

    The Multi-Level Protection Scheme (MLPS) Level 3 standard mandates stringent security measures for systems in which a data breach may harm societal order.

    SOC

    International

    Service Organization Control (SOC) reports assess the data security and protection measures of an organization, such as a data center.

    PCI DSS

    International

    The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards that ensure all entities that accept, process, store, or transmit credit card information maintain a secure environment.