Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards like Australia IRAP, UK G-Cloud, and Singapore MTCS.
Rigorous third-party audits, such as by the British Standards Institute, verify Azure’s adherence to the strict security controls these standards mandate. You can verify our implementation of many security controls by requesting audit results from the certifying third parties.
See the full list of Azure Compliance Offerings for more information.
In addition to Azure's compliance measures, OnePlan itself follows OWASP standards.