Regulatory Compliance

ISO 27001 Certification

ISO 27001:2013 is an international standard that specifies the requirements for an Information Security Management System (ISMS). An ISMS is a systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an organization's information security to achieve business objectives. It includes people, processes and IT systems by applying a risk management process.

Accredited certification to ISO 27001 demonstrates an organization is following international information security best practices. Lenovo’s ISO 27001 Beijing Datacenter Certificate is issued by British Standards International (BSI) and confirms the Lenovo Beijing Datacenter status as a certified ISO 27001:2013 organization. The scope of this certification is limited to, “The provision of operation and management services of relevant production systems and infrastructure in Beijing Datacenter to support Lenovo global core business.”

The second half of the document linked below contains a second ISO 27001 certificate applying to the Information Security Management System (ISMS) of Lenovo’s TruScale VMware Infrastructure as a Service (IaaS); and the people, processes, and documented information supporting and managed by that ISMS.