All Products
Search
Document Center

Security Center:Compliance check

Last Updated:Apr 09, 2026

Use this feature to verify that your system meets classified protection compliance requirements and complies with the ISO 27001 international standard for information security management.

Background information

The Basic Requirements for Classified Protection of Cybersecurity (GB/T 22239-2019 Information Security Technology) and its related standards took effect on December 1, 2019. Adhering to this classified protection system is a fundamental responsibility for all businesses and organizations in China. Alibaba Cloud not only ensures that its own cloud platform meets these basic requirements but also provides the classified protection compliance check feature. This feature helps you implement the classified protection system quickly, efficiently, and continuously improve the security of your cloud-based business systems.

ISO 27001 certification provides internationally recognized validation of an enterprise's information security system, proving its capability to provide secure and reliable information services. Security Center provides the ISO 27001 compliance check feature to help you pass ISO 27001 certification.

Classified protection compliance check

The classified protection compliance check provides comprehensive cybersecurity checks covering communication networks, regional boundaries, computing environments, and management centers. You can use this feature to verify that your system meets classified protection compliance requirements and to promptly identify and address security risks.

  1. Log on to the Security Center console. In the left-side navigation pane, choose System Settings > Compliance Check.

  2. On the Security Compliance Check tab, view the check result statistics.

    • View the total number of check items and non-compliant items

      In the Total Check Items and Non-compliant Items sections, view the total number of supported check items and non-compliant items. Click Non-compliant Items to go directly to the list of non-compliant check items.

    • Online consultation for classified protection issues

      Click Consult to the right of Contact Us to open a chat window and ask questions about classified protection. This service is available from 09:00 to 17:00 on weekdays.

    • Host Configuration Check

      Click Click here to configure to go to the Baseline Check page, where you can view and handle baseline issues on your assets. For more information, see View and handle baseline check results.

    • Search for a specific check item

      In the search box, filter by check item category and compliance status, or enter the name of a check item to view matching results.

  3. Remediate non-compliant check items.

    Follow the instructions in the Improvement Suggestion column to remediate non-compliant check items.

    Note

    The classified protection compliance check in Security Center detects whether your system has the required security capabilities, such as access control and log audit. To pass the classified protection assessment, you must implement these capabilities and resolve all detected issues.

ISO 27001 compliance check results

You do not need to manually run an ISO 27001 compliance check. Each time you visit the ISO 27001 compliance check page, Security Center automatically runs the check and provides the latest results.

  1. Log on to the Security Center console. In the left-side navigation pane, choose System Settings > Compliance Check.

  2. On the ISO 27001 Compliance Check tab, view the statistics and the list of results.

    The first time you use this feature, you must click Authorize Now to grant the required permissions. Security Center uses these permissions to access your cloud resources and perform ISO 27001 compliance checks.

    You can perform the following operations:

    • View the total number of check items and non-compliant items

      In the Total Check Items and Non-compliant Items sections, view the total number of supported check items and non-compliant items.

    • View compliant, non-compliant, or in-progress check items

      In the search box, filter by compliance status, such as Compliant, Non-compliant, or In Progress, to view the corresponding list of check items.

  3. Remediate non-compliant check items.

    Follow the instructions in the Improvement Suggestion column to remediate non-compliant check items.

    The ISO 27001 compliance check in Security Center detects whether your system meets ISO 27001 certification requirements in areas such as asset management, access control, cryptography, and operations security. Remediate non-compliant items promptly.