This topic describes the security and compliance certifications for Voice Service and provides links to download the corresponding compliance documents.
To help customers meet regional and industry-specific security and compliance requirements, Voice Service continuously enhances its security and compliance posture. Building on Alibaba Cloud's products, services, and security management mechanisms, Voice Service integrates its business experience and customer needs to implement robust compliance standards across its platform and products. As a result, Voice Service has obtained certifications from multiple authoritative international and domestic organizations.
Certification | Description |
ISO 20000 Information Technology Service Management System - AliTelecom | This standard defines requirements for the development, implementation, monitoring, maintenance, and improvement of an IT service management system. It covers service level management, incident and problem management, change management, availability management, relationship management, and configuration and release management. AliTelecom obtained this certification to ensure its technical services and support meet business needs and to improve service quality, customer satisfaction, and operational efficiency through standardized processes. |
The core principle of this standard is customer focus, emphasizing the identification, management, and optimization of key business processes to improve efficiency and effectiveness. It covers planning, implementation, monitoring, correction, and improvement activities across the entire process, from requirements confirmation, design, R&D, and testing to sales and pre-delivery. AliTelecom obtained this certification to establish systematic quality management processes for its products and services. This continuous improvement process ensures the full product lifecycle meets requirements, reduces defects and errors, and increases customer satisfaction. | |
ISO 27001 Information Security Management System - AliTelecom | This standard provides a globally recognized framework for an information security management system (ISMS). It helps organizations design and implement a comprehensive set of security controls covering organizational, personnel, physical, and technical security. AliTelecom obtained this certification to effectively manage physical, network, application, data, and supply chain security risks, thereby protecting information assets and enhancing business security and compliance. |
ISO 27701 Privacy Information Management System - AliTelecom | ISO 27701 is a privacy-specific extension to the ISO 27001 Information Security Management System and ISO 27002 security controls. It integrates privacy protection principles and methods into the information security framework. This standard covers requirements for privacy risk management, data subject rights, data sharing and transfer, privacy by design, transparency, and incident response and handling. As a responsible cloud communication provider, AliTelecom actively establishes, implements, maintains, and continually improves its privacy security management controls to ensure its personal data processing activities are compliant. |
China implements the Multi-Level Protection Scheme (MLPS), a mandatory national standard for cybersecurity. Under this scheme, network operators must meet security obligations to safeguard networks from interference, disruption, or unauthorized access, and to prevent network data from being leaked, stolen, or altered. Alibaba Cloud employs a proactive and comprehensive defense strategy to build and maintain a robust network security system. The AliTelecom cloud communication system undergoes an annual MLPS assessment by an authorized third-party institution. This process involves security enhancements and remediation to ensure the system fulfills its security responsibilities and meets China's national cybersecurity requirements. |