tencent cloud

SOC 1 Type II Report

This audit report describes the internal controls of Tencent Cloud's service system and is conducted in accordance with the section AT-C 320 of AICPA's Statement on Standards for Attestation Engagements No. 18 (SSAE No. 18).

SOC 2 Type II Report

This audit report describes the security, availability, and confidentiality of Tencent Cloud's service system and is conducted in accordance with the section AT-C 205 of AICPA's SSAE No. 18 and TSP Section 100 (2017 version).

SOC 3 Type II Report

This is a general use report describing the security, availability, and confidentiality of Tencent Cloud's service system and is conducted in accordance with the section AT-C 205 of AICPA's SSAE No. 18 and TSP Section 100 (2017 version).

MLPS 2.0

Tencent’s fintech solutions are registered for level 4 protection, and our public cloud services are registered for level 3 protection.

ISO 9001 Standard for Quality Management Systems

Tencent Cloud is China’s first cloud computing service provider accredited by both CNAS (China National Accreditation Service for Conformity Assessment) and ANAB (ANSI-ASQ National Accreditation Board) in accordance with ISO 9001. We implement effective quality control processes to deliver quality cloud services.

ISO 20000 Standard for IT Service Management Systems

With strictly followed IT service management processes, Tencent Cloud is China’s first cloud computing service provider certified to ISO 20000-1:2018.

ISO 27001 Standard for Information Security Management Systems

ISO/IEC 27001:2015 is a supplement to ISO/IEC 27002:2013. The certification is a testament to the effectiveness of Tencent Cloud’s information security controls.

ISO 27017 Guidelines for Information Security Controls of Cloud Services

ISO/IEC 27017:2015 is a supplement to ISO/IEC 27002:2013. The certification is a testament to the effectiveness of Tencent Cloud’s information security controls.

ISO 27018 Standard for Personal Data Protection in Public Clouds

Tencent Cloud is committed to building a sound personal information management system and using different technologies to protect the personal data of each user.

ISO 27701 Standard for Data Privacy Controls

Tencent Cloud is the world’s first cloud service provider to become ISO/IEC 27701 certified. We have implemented an effective data privacy management system which we continue to improve.

ISO 29151 Guidelines for the Protection of Personally Identifiable Information

Tencent Cloud has an information security risk management environment favorable for the protection of personally identifiable information, follows industry best practices, and is capable of continuous improvement.

CSA STAR Certification

CSA STAR certification is an internationally recognized cloud security certification program. Tencent Cloud has been awarded a Gold rating by STAR and continues to strengthen its security posture.

NIST Cybersecurity Framework

The NIST Cybersecurity Framework was released by the US National Institute of Standards and Technology in response to Executive Order 13636 "Improving Critical Infrastructure Cybersecurity". The framework emphasizes the use of business drivers to guide cybersecurity activities.

K-ISMS Certification

Tencent Cloud is China’s first K-ISMS certified cloud computing provider. The certification is an assurance that Tencent Cloud’s information security management system and capabilities comply with relevant laws and standards in South Korea.

BS 10012

A standard for personal information management systems published by the British Standards Institute