Compliance Standards

Compliance standards and Certifications

NTT ICT features a range of ISO27001, IRAP, and SOC compliance standards across several solutions. 

 NTT ISO27001

ISO27001 is an internationally recognised security standard that comprehensively defines the requirements for establishing, implementing and documenting an effective information security management system. 

NTT ICT has achieved ISO 27001:2013 certification for its global Enterprise Cloud and locally with management service and colocation service offerings. 


Information Security Manual (ISM) Compliance and the Information Security Registered Assessors Program (IRAP) program is governed and administered by the Australian Signals Directorate (ASD). IRAP enables ICT professionals to be engaged to conduct independent ICT assessments against Australian Government policies and guidelines.

NTT ICT work with IRAP Assessors to assist in securing your ICT networks by assessing your security compliance and highlighting the information security risks facing your organisation.

NTT ICT’s success with IRAP compliance means that we can help you in further protecting your data and you will be assured that NTT ICT has the right applicable controls selected from ASD’s Information Security Manual (ISM).



Service Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how NTT ICT achieves key compliance controls and objectives. The purpose of these reports is to help you and your auditors understand the NTT ICT controls established to support operations and compliance. There are three types of SOC Reports:

  • SOC 1 Report
  • SOC 2: Security & Availability Report
  • SOC 3: Security & Availability Report

NTT ICT have the processes in place that are already aligned with SOC controls. If you would like to have one of the above SOC reports issued, you can purchase an audit and report from NTT ICT as part of your managed service with us.