ISO 27001 / 27017 / 27018


ISO/IEC 27001, 27017 and 27018 certifications and reports

The ISO 27000 family of information security management standards is a series of complementary information security standards. These can be combined to provide a globally recognised framework for IT security management in accordance with best practices. By implementing these standards, organisations of any kind can manage the security of their assets such as financial data, intellectual property, employee contact information or data entrusted to them by third parties. OVHcloud received its first ISO 27001 certifications in 2013 for its cloud solutions.

ISO/IEC 27001:2017

ISO/IEC 27001:2017 is an internationally recognised standard for the establishment and certification of an Information Security Management System (ISMS). OVHcloud has received this certification for its cloud services. Obtaining this certification means that OVHcloud has implemented a holistic security programme related to its information security control and system management activities.

ISO/IEC 27017:2015

This code of practice is designed to serve as a reference for organisations when they select information security controls for cloud services. It is based on the implementation of an ISO/IEC 27001 framework in a cloud computing context. It can also be used by cloud service providers as a guidance document for their customers to implement protection controls.

ISO/IEC 27018:2019

Confidentiality is a key concern in a cloud computing environment. ISO/IEC 27018:2019 takes into account the regulatory requirements for the protection of identifiable personal information (IPI) that may be applicable in the context of risk assessment. It sets out guidelines related to a cloud service provider’s information security.

Need support or information?

You can request a free callback from an OVHcloud advisor


Perimeters and certificates

ISO/IEC 27001, ISO/IEC 27017 and ISO/IEC 27018 certifications are available for OVHcloud services hosted in all our datacentres, except those in the US, which have a specific scope (please visit the OVHcloud Inc. website for services operated by the United States).

The ISO/IEC 27001 certification that OVHcloud holds is available on the website of the certification body “Laboratoire National de Métrologie et d’Essais” (French National Laboratory of Metrology and Testing):

Additional services

Certifications and reports

Our customers can request access to our certifications and reports. They may also obtain documents relating to our certifications under certain conditions.

On-site audits

We only authorise audits carried out by third parties for the purpose of certifying all relevant parties. Please contact our sales department to access this type of service.