Compliance in Microsoft Cloud for Sustainability
Microsoft Azure, and Microsoft Power Platform services and the underlying infrastructure, employ a security framework that encompasses industry best practices and spans multiple standards, such as the ISO 27000 family of standards. Microsoft Sustainability Manager is built by taking advantage of Azure and Microsoft Power Platform. As part of our comprehensive compliance offering, Microsoft regularly undergoes independent audits by qualified third-party accredited assessors.
You can find the qualifying license terms for Microsoft Sustainability Manager, Azure, and Microsoft Power Platform in the Online Service Terms and the Microsoft Privacy Statement. These terms are a prerequisite to your use of Microsoft Sustainability Manager.
The following table lists the compliance offerings for Microsoft Cloud for Sustainability. For more information about compliance offerings in Microsoft cloud services, go to Service Trust Portal.
| Standard | Microsoft Sustainability Manager |
|---|---|
| ISO 27001:2013 | Achieved |
| ISO 27018:2014 | Achieved |
| ISO 27017:2015 | Achieved |
| ISO 9001:2015 | Achieved |
| ISO 27701:2019 | Achieved |
| SOC 1 Type 2 | Achieved |
| SOC 2 Type 2 | Achieved |
| SOC 3 | Achieved |
| SOX (US) | Achieved |
| HITRUST | Achieved |
| PCI DSS Level 1 | Achieved |
| FedRAMP High | Planned |
Resources
- Well-Architected for Microsoft Cloud for Sustainability
- Trust Center
- Azure data residency and privacy
