Table 3.
Third-party certifications of the Cloud provider.
| Certification | Brief overview |
| SAS70 Type II | Statement on Auditing Standards No 70: Auditing statement that provides guidance to service auditors when assessing the internal control of a service organization and issuing a service auditor’s report. |
| PCI DSS Level 1 | The Cloud provider should be certified with the PCI Data Security Standard as a shared hosting service provider. |
| ISO 27001 | Certification of the Information Security Management System (ISMS) that covers infrastructure, data centers, and service terms. |
| FISMA | Certification to operate at Federal Information Security Management Act (FISMA) Low Level, which is a US federal law enacted in 2002. It recognizes the importance of information security to the economy and national security interests of the United States. |