Our data centres

Security measures and controls relating to facilities, operations, and technical infrastructure for financial institutions in Japan established by the Center for Financial Industry Information Systems.

Healthcare Data Hosting (HDS) approved by the French Ministry of Health’s Shared Healthcare Information Systems Agency (ASIP). HDS protects the confidentiality, integrity and availability of patient data.

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal statute that defines physical, network and process security measures for protected health information (PHI).

ISO 9001 defines the criteria for Quality Management Systems (QMS). It is based on quality management principles designed to meet customer and other stakeholder needs within statutory and regulatory requirements.

ISO 14001 defines the requirements for an environmental management system that delivers the assurance that environmental impact is being measured and improved.

ISO 22301 defines the requirements for Business Continuity Management (BCM) through a documented management process to respond to and recover from natural and man-made disasters.

ISO 27001 defines the requirements for an information security management system (ISMS) to manage security assets such as financial information, intellectual property, employee details or information entrusted by third parties.

ISO 45001 defines the requirements for an occupational health and safety (OH&S) management system to eliminate hazards, prevent workplace injuries and ill health, and improve OH&S performance.

ISO 50001 defines the requirements for an energy management system (EnMS) aimed at efficient energy usage, and a practical means to achieve related targets and objectives. ISO 50001 is based on the management system model of continual improvement.

The NIST-800-53/FISMA provides various security and privacy controls for U.S. federal information systems in accordance with the Federal Information Security Management Act (FISMA).

Established by the Association of Banks in Singapore (ABS) OSPAR, or the Guidelines on Control Objectives and Procedures for Outsourced Service Providers provides information security guidelines for Outsourced Service Providers (OSPs) that deliver services to financial institutions in Singapore.

The Payment Card Industry Data Security Standard (PCI DSS) was established by the PCI Security Standards Council to provide a comprehensive framework of specifications, tools, measurements and support resources to ensure the safe handling of cardholder information.

The American Institute of Certified Public Accountants (AICPA) created the service organization control reports to document controls relevant to an organization’s Internal Controls over Financial Reporting (ICFR). The SOC 1 Type II evaluates and reports on the design of controls in a specific point in time, and also the operational efficacy of controls over a period of time.

The American Institute of Certified Public Accountants (AICPA) created the SOC 2 Type II report to document the controls that protect customer data and the efficacy of those controls. It is primarily a standard for data centres, MSPs, SaaS vendors, cloud computing companies, and other technology companies.

The Singapore Standard for Information and Communications Technology Disaster Recovery Services (SS 507) provides requirements for in-house and outsourced DR services. This DR standard includes implementation, testing, and execution.

The Singapore Standard for Energy and Environmental Management systems specifies the requirements for the management of a sustainable data centre. The objective of this standard is a systematic approach to continually improve energy and water efficiency in data centres.

The Trusted Site Infrastructure (TSI) certification evaluates the physical security and availability of data centres. TSI incorporates the “IT-Grundschutz”, a basic protection standard of the German Federal Office for Information Security (BSI). The standard includes a broad scope of data centre management including environmental impact, construction, fire detection and suppression systems, security, cabling, power supply, air conditioning systems, and documentation.

The Threat and Vulnerability Risk Assessment (TVRA) is set forth by the Monetary Authority of Singapore (MAS) Technology Risk Management Guidelines (TRM). Applicable to Singapore-based financial institutions with physical overseas presences, it sets out the requirements of a data centre assessment of physical and environmental threats.

​The Uptime Institute is globally recognised for its Tier Standards & Certifications for Data Center Design, Construction (Facility) and Operational Sustainability. Certification sets out the requirements for the improvement of data centre performance, efficiency, and reliability.