Tencent Cloud has obtained certification for the upgraded ISO27001:2022 information security management system standard.
ISO 27001 is a management system with information assets and business risk management as its core, and it calls for stringent requirements in the establishment, implementation and documentation of a corporation’s information security management. The predecessor of the ISO 27001 is the BS 7799 Information Security Management System Standard, which was drafted by the authoritative standards development and international certification provider, BSI. Subsequently, the BS 7799 standard was adopted by the International Organization for Standardization (hereinafter “ISO”) and refined as the ISO 27001. The ISO 27001 has since become the most rigorous and recognized - as well as extensively accepted and applied – prevailing global system certification standard in respect of information security.
In recent years, emerging IT technologies have developed rapidly worldwide, bringing along with it new security threats. As such, the ISO organization officially upgraded ISO 27001:2013 to ISO 27001:2022 in 2022, and adjusted the original 114 controls under 14 control domains in the 2013 version to 93 controls under four themes, including "organizational control", "personnel control", "physical control" and "technical control", adding a number of related requirements such as "information security of cloud service" and "data desensitization". Passing the ISO 27001:2022 certification can better reflect the Tencent Cloud's commitment to security, indicating that Tencent Cloud has established a scientific and effective management system that can provide users with secure, reliable cloud products and services.