Contattaci

Explore IBX™ Certifications and Standards

OR

ASAE 3402 Type II

Australian Standard on Assurance Engagements (ASAE 3402 Type II) establishes requirements and provides application and other explanatory material regarding the assurance practitioner’s responsibilities when providing a report for use by user entities and their auditors, on the controls at a service organization that provides a service to user entities that is likely to be relevant to user entities’ internal control as it relates to financial reporting

FISC

FISC Security Guidelines (Japan) The Center for Financial Industry Information Systems established the "FISC Security Guidelines on Computer Systems for Banking and Related Financial Institutions" as security guidelines for financial institutions in Japan. It describes controls and security measures related to facilities, operations, and technical infrastructure.

FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. This approach uses a “do once, use many times” framework that will save cost, time, and staff required to conduct redundant agency security assessments.

HDA

L'hosting dei dati sanitari è regolato ai sensi della legge francese ed è finalizzato a proteggere riservatezza, integrità e disponibilità dei dati dei pazienti. Tale attività di hosting può essere implementata solo da un hosting service provider ("HSP") preventivamente approvato dall'ASIP, l'Agenzia dei sistemi di informazione sanitari condivisi del Ministero della salute francese, tramite un accordo sui dati sanitari (HDA).

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. This includes: covered entities (CE); all treatment providers; healthcare payment and operations; business associates; personnel with access to patient information to provide support in treatment, payment or operations. Subcontractors and business associates must also follow HIPAA compliance.

ISO 14001

ISO 14001, la cui versione più recente è ISO1400:2015, specifica i requisiti per un sistema di gestione ambientale utilizzabile dalle società per migliorare sistematicamente le proprie prestazioni ambientali in modo da contribuire al pilastro ambientale della sostenibilità.

ISO 22301

An international standard for Business Continuity Management (BCM), ISO 22301 replaces British standard (BS) 25999. It specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to prepare for, respond to and recover from disruptive events such as natural disasters, environmental accidents, technology mishaps and man-made crises.

ISO 27001

Si tratta di un quadro di migliori pratiche riconosciute a livello internazionale che specifica i requisiti per stabilire, implementare, mantenere e migliorare continuamente un sistema di gestione della sicurezza delle informazioni (SGSI). SGSI rappresenta un approccio sistematico alla gestione delle informazioni sensibili di una società, includendo persone, processi e sistemi IT.

ISO 50001

ISO 50001, the most current version being ISO 50001:2011, specifies requirements for establishing, implementing, maintaining and improving an energy management system, whose purpose is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance, including efficiency, use and consumption. It has been designed to be used independently, but it can be aligned or integrated with other management systems.

ISO 9001

ISO 9001 è un sistema di gestione della qualità certificato (QMS) per le organizzazioni che desiderano dimostrare la propria capacità di offrire costantemente prodotti e servizi in grado di soddisfare le esigenze dei propri clienti e di tutti gli altri soggetti interessati.

NIST 800-53/FI

NIST 800-53 is published by the National Institute of Standards and Technology, which creates and promotes the standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and manage other programs designed to protect information and promote information security. Agencies are expected to meet NIST guidelines and standards within one year of publication. National security is not included in these standards.

OHSAS 18001

OHSAS 18001, also referred to as ISO 18001, is the internationally accepted and recognized management standard for occupational health and safety. The standard is used as a method of assessing and auditing occupational health and safety management systems.

OSPAR

L'Outsourced Service Provider's Audit Report (OSPAR) è un rapporto stilato dalla Association of Banks di Singapore (ABS) per aiutare le istituzioni finanziarie a garantire che i provider di servizi in outsourcing dispongano di controlli in conformità con le linee guida per l'outsourcing e la gestione del rischio tecnologico previste dal Monetary Authority of Singapore’s (MAS).

PCI DSS

The PCI Security Standards Council offers comprehensive standards and supporting materials to enhance data security for payment cards. They include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process, including prevention, detection and appropriate reaction to security incidents.

SOC 1 Type II

SOC1 è un report elaborato dall'American Institute of Certified Public Accountants (Consiglio nazionale dei dottori commercialisti americani - AICPA) usato per documentare i controlli interni amministrativo-contabili (ICFR) relativi ad un'organizzazione. Il report è incentrato sui servizi forniti da un'organizzazione, insieme a processi di supporto, policy, procedure, attività operative e personali che costituiscono le attività fondamentali che riguardano gli utenti. I principi di revisione per un report SOC1 includono SSAE 18 e ISAE 3402.

SOC 2 Type II

A standard designed for technology companies, including: data centers, IT managed services, SaaS vendors, cloud-computing based businesses and other technology. SOC2 criteria is based on the Trust Services Principles (TSP) of security, availability, processing integrity, confidentiality and privacy as well as controls outside of financial reporting.

SS 564

SS 564 aiuta le società di Singapore a stabilire sistemi e processi per migliorare l'efficienza energetica dei loro data center. Lo standard, sul modello del sistema di certificazione globale ISO50001, delinea un quadro dettagliato per una gestione energetica e ambientale dei data center adatta alle specifiche condizioni di Singapore.

SS 507

Il rapporto del Singapore Standard for Information and Communications Technology Disaster Recovery Services (SS507) specifica i requisiti per i servizi ICT DR e include sia quelli forniti internamente che in outsourcing, riguarda le capacità delle strutture e dei servizi e fornisce supporto di sostegno e recovery per i sistemi ICT delle aziende. Comprende gli aspetti di implementazione, test ed esecuzione di disaster recovery, ma non include altri aspetti della business continuity management.

TSI

​Trusted Site Infrastructure, introduced from TÜV-IT, is a catalogue of requirements on ten different areas of a data center including areas such as environment, construction, firehandling, security, cabling, energy, air, organization and documentation.

TVRA

The Threat and Vulnerability Risk Assessment (TVRA) is a set of requirements issued by the MAS for all Singapore-based financial institutions with overseas physical presences. It is mandated as a control in the OSPAR and MAS documents. Its standard reference is the Singaporean Ministry of Home Affairs’ Guidelines for Enhancing Building Security in Singapore (GEBSS).

UpTime Institute

​As an independent advisory organization, Uptime Institute is focused on improving the performance, efficiency, and reliability of the business critical infrastructure that underlies today’s global information economy. Uptime Institute is recognized worldwide for the creation and administration of the Tier Standards & Certifications for Data Center Design, Construction (Facility) and Operational Sustainability.

americas

Atlanta

Washington DC

Chicago

Denver

Denver

Washington DC

Atlanta


americas

Atlanta

Washington DC

Chicago

Denver

Denver

Washington DC

Atlanta

SH1

  • ISO 27001
  • SOC 1 Type ii
  • SOC 2 Type ii

SH1

  • ISO 27001
  • SOC 1 Type ii
  • SOC 2 Type ii

SH1

  • ISO 27001
  • SOC 1 Type ii
  • SOC 2 Type ii