# Certificates

HUNT Cloud comply with three international management systems, one for quality management (ISO 9001), one for information security (ISO 27001), and one for information privacy (ISO 27701).

For each certificate, independent auditors examines our governance, management, infrastructure, services and operations. Reports from these audits are available to data controllers on request.

Our ISO 9001 and ISO 27001 certificates have been issued since 2017, while our ISO 27701 certificate has been issued since 2024.

# ISO 9001

NS-EN ISO 9001:2015 Certificate (opens new window) (PDF)

Our compliance with the international standard in quality management «ISO 9001» is certified by Kiwa, Norway. The certificate is part of HUNT Research Centre's main certificate that has been issued since 2011.

List of issued certificates

Period #3: 2023-2026

Period #2: 2020-2023

Period #1: 2017-2020

# ISO 27001

NS-EN ISO 27001:2022 Certificate (opens new window) (PDF)

Our compliance with the international standard in information security management «ISO 27001 (opens new window)» is certified in accordance with our Statement of Applicability (SoA) by DNV, Norway.

List of issued certificates

Period #3: 2024-2027

Period #2: 2021-2024

Period #1: 2017-2020

# ISO 27701

NS-EN ISO 27701:2019 Certificate (opens new window) (PDF)

Our compliance with the international standard for privacy information management «ISO 27701 (opens new window)» is certified in accordance with our Statement of Applicability (SoA) by DNV, Norway.

List of issued certificates

Period #1: 2024-2027

# Supporting documents

# Scoping document

Security and privacy scope (opens new window) (PDF)

This document describes the security and privacy scope of our information management system.

# Statement of Applicability (SoA)

ISO 27001 Statement of Applicability (opens new window) (PDF)

Our Statement of Applicability, often referred to as "SoA", states which ISO control objectives we have applied in our ISO 27001 certificate.

SoA is a central document in our certification audits, and it guides Data controllers to quickly asses which controls they should expect to be in place to safeguard their data.

In short, we state applicability for controls derived from ISO 27002 (opens new window) (general information security), ISO 27017 (opens new window) (cloud security), and ISO 27701 (opens new window) (privacy information management system).

To ease the readability, we have included the control's implementation status and comments where applicable.

Last Updated: 3/25/2024