阿里云和Salesforce已获得众多国内外合规与安全认证。
Alibaba Cloud and Salesforce have obtained numerous domestic and international compliance and security certifications.
合规认证 | 说明 |
等保2.0(三级) | 网络安全等级保护(简称等保),是指对国家重要信息、法人和其他组织及公民的专有信息以及信息和存储、传输、处理这些信息的信息系统分等级实行安全保护,对信息系统中使用的信息安全产品实行按等级管理,对信息系统中发生的信息安全事件分等级响应、处置。 Network Security Classified Protection (shortened as "Classified Protection") refers to the implementation of security protection for important national information, proprietary information of legal persons and other organizations and citizens, as well as information and information systems that store, transmit and process these information, implement hierarchical management of information security products used in information systems, and respond and dispose of information security incidents occurring in information systems in different levels. 该报告可提供给已与阿里云签约保密协议(NDA)的客户。 This report is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅报告,请联系您的销售代表。 If you need to review the report, please contact your sales representative. |
SOC 2 | 系统与组织控制(SOC)报告是独立的第三方审计师针对阿里云为客户提供的云服务进行检查验证而出具的独立审计报告。该报告向阿里云的客户及其审计师说明了阿里云的关键控制及控制目标以帮助客户更好地评估阿里云的内控机制并有效地管理其外包风险。 The System and Organization Control (SOC) Report is an independent audit report issued by an independent third-party auditor to verify the cloud services provided by Alibaba Cloud to customers. This report explains to Alibaba Cloud's customers and their auditors the key controls and control objectives of Alibaba Cloud, helping customers better evaluate Alibaba Cloud's internal control mechanisms and effectively manage their outsourcing risks. 如需查阅报告,请前往如下地址: If you need to review the report, please visit the following address: |
ISO 20000 | ISO 20000 是一个服务管理系统(SMS)的标准,为服务提供商规划、建立、实施、运行、监控、审查、维护和改进服务管理系统要求。 ISO 20000 is a service management system (SMS) standard for service providers to plan, establish, implement, operate, monitor, review, maintain and improve service management system requirements. 该证书可提供给已与阿里云签约保密协议(NDA)的客户。 This certificate is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅证书,请联系您的销售代表。 If you need to review the certificate, please contact your sales representative. |
ISO 22301 | ISO 22301 业务连续性管理体系,能够帮助企业制定一套一体化的管理流程计划。该标准帮助企业辨别潜在问题、确定可能的威胁,并提供一个有效的管理机制来阻止或抵消这些威胁,以便减少损失。 ISO 22301, a Business Continuity Management System, helps enterprises develop an integrated management process plan. The standard helps enterprises identify potential problems, determine possible threats, and provide an effective management mechanism to prevent or offset these threats in order to reduce losses. 该证书可提供给已与阿里云签约保密协议(NDA)的客户。 This certificate is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅证书,请联系您的销售代表。 If you need to review the certificate, please contact your sales representative. |
ISO/IEC 27001 | ISO/IEC 27001 为保护个人隐私信息提供指引,藉由补充额外的管控要求,以建立、实施、维护和持续改善在 ISMS 范围内的隐私信息管理(Privacy Information Management),降低隐私信息所面临的风险。 ISO/IEC 27001 provides guidelines for the protection of personal privacy information by adding additional control requirements to establish, implement, maintain and continuously improve the management of privacy information within the scope of ISMS (Privacy Information Management) to reduce the risks faced by privacy information. 该证书可提供给已与阿里云签约保密协议(NDA)的客户。 This certificate is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅证书,请联系您的销售代表。 If you need to review the certificate, please contact your sales representative. |
ISO 27017 | ISO 27017 提供了一套使用云服务的相关信息安全控制指引,包含:
ISO 27017 provides a set of information security control guidelines for using cloud services, including:
该证书可提供给已与阿里云签约保密协议(NDA)的客户。 This certificate is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅证书,请联系您的销售代表。 If you need to review the certificate, please contact your sales representative. |
ISO 27018 | ISO 27018 建立了一套个人隐私保护规范,包含控制目标、控制内容以及相应的实施指引。它依据 ISO/IEC 27002 识别出的信息安全风险环境,规定适用的个人可识别信息保护要求。 ISO 27018 establishes a set of guidelines for protecting personal privacy, including control objectives, control content, and corresponding implementation guidance. Based on the information security risk environment identified in ISO/IEC 27002, it specifies the applicable requirements for the protection of personally identifiable information (PII). 该证书可提供给已与阿里云签约保密协议(NDA)的客户。 This certificate is available to customers who have signed a Non-Disclosure Agreement (NDA) with Alibaba Cloud. 如需查阅证书,请联系您的销售代表。 If you need to review the certificate, please contact your sales representative. |