Working diligently to stay on top of rapidly changing security challenges. Our products are built on a foundation of industry standards, compliance, attestations, and regulatory requirements.
ISO 27001 (often referred to as ISO/IEC 27001:2013) is the leading international standard focused on information security developed to help organizations protect their information in a systematic and cost-effective way, through the adoption of an Information Security Management System. It also prescribes best practices that include documentation requirements, divisions of responsibility, availability, access control, security, auditing, and corrective and preventive measures.
The following Micro Focus products are covered within certified ISO 27001:2013 Information Security Management Systems (ISMS):
Our complete list of products in each product group is available here.
ISO/IEC 27034 offers guidance on information security to business and IT managers, developers, and the end-users of Information and Communications Technology (ICT) using application systems. The aim is to ensure computer applications deliver the desired level of security in support of the organization’s Information Security Management System, adequately addressing many ICT security risks.
The following Micro Focus products are ISO 27034 certified:
Our complete list of products in each product group is available here.
ISO 9001 sets out the criteria for a quality management. It can be used by any organization, large or small, regardless of its field of activity. This standard is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. Using ISO 9001 helps ensure that customers get consistent, good-quality products and services, which in turn brings many business benefits.
The Common Criteria for Information Technology Security Evaluation (Common Criteria or CC) is an international standard (ISO / IEC 15408) for IT product security certification. It is a framework that provides criteria for independent, scalable and globally recognized security inspections for IT products.
The following Micro Focus products are ISO 15408 (Common Criteria) certified:
SOC 2 report focuses on non-financial controls, such as security, availability, processing integrity, confidentiality, and privacy. This report focuses on the Trust Service Principles (TSPs) and serves to educate the user entity about processes that affect its security, availability, processing integrity, confidentiality, or privacy of the data.
The Federal Risk and Authorization Management Program (FedRAMP) empowers agencies to use modern cloud technologies, with an emphasis on security and protection of federal information. FedRAMP demonstrates that we have proven that our systems are designed to keep federal data secure, as required by U.S. federal agencies.
The following Micro Focus products are FedRAMP certified:
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.
The Security, Trust, Assurance, and Risk (STAR) Registry encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM).
The following Micro Focus Products are CSA STAR Level One certified:
The Agenzia per l'Italia Digitale - Agency for Digital Italy (AgID) is the technical agency of the Presidency of the Council of Ministers.
The main purpose of the Agency is to guarantee the achievement of the Italian digital agenda objectives and contribute to the diffusion of information and communication technologies, with the aim of fostering innovation and economic growth.
The following Micro Focus products are AgID certified:
To see a list of all Micro Focus AgID certified products click here.
Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry. The TISAX certification confirms that a company’s information security management system complies with defined security levels and allows sharing of assessment results across a designated platform.
The following Micro Focus teams are TISAX certified:
To lookup on ENX site, search by our company name - Micro Focus
To learn more about TISAX certification, read here.
The CMMC is a type of information security maturity model specific to Department of Defense third-party contractors. CMMC compliance requires companies, entering into contracts with the Department of Defense, to have adequate safeguards in place to protect their data.
Micro Focus has done a self-evaluation and certifies at Level 1
The Trade Agreements Act of 1979 (19 U.S.C. §§ 2501 – 2581) (“TAA”) implements several trade agreements that guarantee signatory countries non-discriminatory treatment in government procurements conducted in other signatory countries. The TAA allows U.S. government contractors to furnish the U.S. Government products and services from countries with which the U.S. has signed multilateral or bilateral free trade agreements or that have otherwise been determined to be TAA “Designated Countries."
To meet the TAA’s country of origin (“COO”) requirements for products, U.S. government contractors (and their subcontractors/suppliers) must supply items that are either:
(i) produced or manufactured in the U.S. or a Designated Country; or
(ii) “substantially transformed” into new and different articles of commerce in the U.S. or a Designated Country.
TAA compliance statement by product group:
