Compliance at Zoho
IS 642819
ISO/IEC 27001
ISO/IEC 27001 is one of the most widely recognized independent international security standards. This certificate is awarded to organizations that comply with ISO’s high global standards. Zoho has earned ISO/IEC 27001:2013 certification for Applications, Systems, People, Technology, and Processes
Applicable to- All cloud services and on-premise products of Zoho, ManageEngine, Site24x7, WebNMS and GSP Solution
PM 732705
ISO/IEC 27701
ISO/IEC 27701 is an extension to the ISO/IEC 27001 and ISO/IEC 27002 standards for privacy management within the context of the organization. The certification standard is designed to enhance the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS). This standard enables organisations to demonstrate compliance with the various privacy regulations around the world that are applicable to them.
Applicable to- All business units, cloud services and on-premise products of Zoho, ManageEngine, Site24x7, WebNMS which function in the capacity of a PII controller and/or as a PII Processor.
CLOUD 714132
ISO/IEC 27017
ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing additional implementation guidance for relevant controls specified in ISO/IEC 27002 and additional controls with implementation guidance that specifically relate to cloud services.
►►► Bộ giải pháp tối ưu dành cho doanh nghiệp Sản Xuất: Phần Mềm Logistics, Hệ Thống MES, Phần Mềm Quản Lý Nhân Sự, Phần Mềm CRM, Phần Mềm Quản Lý Tuyển Dụng, Hệ Thống Văn Phòng Điện Tử
Zoho is certified with ISO/IEC 27017:2015 – Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services.
Applicable to- All Cloud services of Zoho, Manage Engine and Site24x7 .
PII 714133
ISO/IEC 27018
ISO/IEC 27018 establishes commonly accepted control objectives, controls and guidelines for implementing measures on safeguarding the PII that is processed in a public cloud. These controls are an extension of ISO/IEC 27001 and ISO/IEC 27002, ISO/IEC 27018 which provide guidance to organizations concerned about how their cloud providers are handing personally identifiable information (PII).
Applicable to- All Cloud services of Zoho, Manage Engine and Site24x7.
ISO 9001
ISO 9001 is defined as the international standard that specifies requirements for a Quality Management System (QMS). Organizations use the standard to demonstrate the ability to consistently provide quality products and services that meet customer and regulatory requirements. Zoho HRMS and Finance suite of applications complies with ISO 9001 requirements.
Applicable to- Zoho HRMS products (ie) Zoho people, Zoho Payroll and Zoho finance Plus products (ie) Zoho Books, Zoho Invoice, Zoho Inventory, Zoho Subscription, Zoho Expense, Zoho Checkout.
SOC 2
Zoho is SOC 2 Type II compliant. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA’s Trust Services Principles criteria.
Applicable to- All cloud services and on-premise products of Zoho, ManageEngine, Site24x7, WebNMS and GSP Solution
Payment card industry (PCI) compliance refers to the technical and operational standards that businesses must follow to ensure that credit card data provided by cardholders is protected. PCI compliance is enforced by the PCI Standards Council, to ensure that all businesses that store, process or transmit credit card data electronically do so in a secure manner that helps reduce the likelihood that cardholders would have sensitive financial data stolen.
Zoho, being PCI compliant, consistently adheres to a set of guidelines set forth by companies that issue credit cards.
Applicable to- All the Zoho finance Plus products (ie) Zoho Books,Zoho Invoice,Zoho Inventory, Zoho Subscriptions, Zoho Expense, Zoho Checkout and Zoho Commerce
GDPR is a pan-European regulation that requires businesses to protect the personal data and privacy of EU citizens for processing of their personal data.
Zoho has always demonstrated its commitment to its user’s data privacy by consistently exceeding industry standards. Zoho welcomes GDPR as a strengthening force of the privacy-consciousness that already exists in it.
Zoho’s offerings have privacy features that comply to GDPR, and Zoho’s processing of its customer’s data adheres to the data protection principles of the GDPR. To know more about how Zoho complies with GDPR
TRUSTe Review Zoho’s privacy policy, platform, website, and support portal have been reviewed by TRUSTe for compliance with their program requirements.
Zoho Corporation is certified to be compliant with the SWISS-U.S. PRIVACY SHIELD FRAMEWORK
Certified Senders Alliance (CSA) is a quality certification for mailbox service providers like Zoho Campaigns, making them enter the league of trusted senders. Zoho Campaigns is a CSA-certified service, giving you higher email open rates, improvement in deliverability with white listed IPs, and protection against any legal risk.
Signal spam reports help in providing FBL data, primarily technical information for identification of spammers and marketing abuse, from major ISPs like Orange.fr, SFR.fr, and so on. It has many spam reporting plugins for third-party browsers and email clients, focused at the French communities worldwide. It’s important for both Zoho corporation and our customers to know all the recipients who mark or report the emails they receive as ‘spam’, so that we can remove them from the lists. Hence, this certification protects our network reputation in the French region.
Applicable to- Zoho Corporation
Source: Zoho
SmartOSC DX là đơn vị cung cấp chuyển đổi số hàng đầu tại Việt Nam. Là động cơ thúc đẩy sự thành công trong quá trình chuyển đổi số của Baemin, Daikin hay VDI, bộ giải pháp của chúng tôi được tạo ra để phát hy tối đa giá trị của từng doanh nghiệp trong kỉ nguyên số
Để lại bình luận tại đây