Compliance

We conduct independent verification of our partners’ security, privacy, and compliance to allow you to meet your regulatory and policy objectives anywhere your application is located. You may find further detailed information on the conformity of a specific partner site in the Ridge console.

Here is a list of some of the conformities that our partners offer:

Certification
Description
AICPA SOCService organizations control report
CSA STARData security, risk management, and survivability
Energy StarEnergy-efficient products and practices
GDPRProtecting the privacy of individuals against companies and organizations
Green GlobesCredible and practical green building approaches for commercial construction
HIPAAPrivacy and security of certain health information
ISAE 3402Standard which gives assurance to service users about adequate internal controls
ISO 20000Standard for IT service management
ISO 22301Business Continuity Management
ISO 27001Standard for Information Security Management
ISO 27017Standard of Information Security for Cloud Services
ISO 27799Information Security in the Field of Health Care
ISO 50001Standard requirements for energy management system
ISO 50518Requirements for monitoring and alarm receiving centre
ISO 50600Requirements focused on physical security and availability of mechanical systems in data centers
ISO 9001Standard for quality management
ISPACode of Conduct
LEEDMeet the standards of the U.S. Green Building Council
NISTNIST 800-53 is published by the National Institute of Standards and Technology, which creates and promotes the standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and manage other programs designed to protect information and promote information security.
Open-IX OIX-2Open-IX OIX-2 The Open-IX OIX-2 data center certification defines the standards for data centers to offer an “open” and cost-effective Internet exchange and interconnection platform.
PCI DSSProtect cardholder data
SAPSAP certifications help validate the expertise and experience of SAP partners, software users, customers and professionals who are looking to be placed in a SAP environment.
SOC 1 Type  I Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting
SOC 2 Type IISecurity and operational procedures, customers’ equipment and data
SOX InternalControl Report that states management is responsible for an adequate internal control structure for their financial records
SSAE 16                                             Reporting on problems and on monitoring inside the company
SysTrustStandards for reliable systems measured against three essential principles: availability, security, and integrity
TSITrusted Site Infrastructure (TSI) is an assessment and certification program to evaluate the physical security and availability of data centers
TVRAThreat, Vulnerability and Risk Assessment (TVRA) to protect critical infrastructure and critical assets

 

Got a question? Don’t hesitate to talk to one of our experts.