> For the complete documentation index, see [llms.txt](https://resources.yamaindustrials.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://resources.yamaindustrials.com/iso-27001.md). # ISO 27001 ISO 27001 (ISO/IEC 27001:2013) is the international standard that provides the specification for an information security management system (ISMS). The Standard is designed to help organisations manage their information security processes in line with international best practices while optimising costs. ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature. ## ZOHO ### Compliance at Zoho **ISO/IEC 27001** is one of the most widely recognized independent international security standards. This certificate is awarded to organizations that comply with ISO's high global standards. Zoho has earned ISO/IEC 27001:2013 certification for Applications, Systems, People, Technology, and Processes **Applicable to-** All cloud services and on-premise products of Zoho, ManageEngine, Site24x7, WebNMS and GSP Solution Zoho is SOC 2 Type II compliant. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA's Trust Services Principles criteria. **Applicable to-** All cloud services and on-premise products of Zoho, ManageEngine, Site24x7, WebNMS and GSP Solution ## Google Cloud Security and Compliance Google contractually commits to the following: Google will maintain adherence to ISO 27001, ISO 27018 and SOC 2/3 audits during the term of the agreement; #### Google contractually commits to the following: * Google will maintain adherence to ISO 27001 and SOC 2/3 audits during the term of the agreement. * Defined Security Standards. Google will define how data is processed, stored, and protected through specific defined security standards. * Access to our Data Privacy Officer. Customers may contact Google’s Data Privacy Officer for questions or comments. * Data Portability. Administrators can export customer data in [standard formats](https://support.google.com/accounts/answer/3024190?rd=1) at any time during the term of the agreement. Google does not charge a fee for exporting data. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://resources.yamaindustrials.com/iso-27001.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.