This page sets out Sungard AS position in the UK in relation to a number of ISO and BS standards and guidelines, together with any industry specific regulations that customers need to comply with, in order for them to operate within that market segment.
IL3 - Sungard AS has Pan Government Accreditation (PGA) for Impact Level 3 (IL3), for our private cloud infrastructure. This bridges across different levels of security via an accredited Gateway, meaning that customers can meet government criteria for new 'Official' and 'Official Sensitive' security levels, which combine both IL2 and IL3.
ISO 9001: 2008 - Sungard AS was the first Information Availability provider in the UK to achieve ISO 9001: 2008 accreditation as evidence of our commitment to developing quality processes. This was renewed in 2009.
ISO 22301 (formerly BS 25999) [the British Standard for Business Continuity Management] - Sungard AS was recertified against
BS 25999-2:2007 for the second time in November 2010, the certification covers all UKI facilities.
ISO 27031 (formerly BS 25777) – The BS 25777:2008 standard for ICT Continuity is accepted as a subset of Business Continuity as specified within the scope of BS25999-2:2007 to which Sungard AS adheres.
- Sungard AS works within the guidelines of this environmental management standard. However, full certification has not been achieved. Sungard AS' Environment Strategy is based on a company-wide Sustainability programme, sponsored by our CEO.
ISO/IEC 27001 - Sungard AS has achieved accreditation to ISO27001 within our LTC, TC2, TC3 and TC5 datacentres supporting our Managed Hosting and Cloud Infrastructure services (IaaS), as well as our supporting head office functions.
IGSoC - Sungard AS meets the requirements of this standard and performs commensurate with large proportions of ISO/IEC 27002:2005 (formerly BS 17799).
BS 31100: 2008 - Sungard AS's Security Risk Management Policy, which has aligned itself to BS 31100:2008.
PCI DSS - Though not compliant ourselves, we have enabled many customers of our Technology Centres to deliver PCI DSS compliant solutions.