|
1 | 1 | --- |
2 | 2 | title: Azure Firewall certifications |
3 | | -description: A list of Azure Firewall certifications for PCI, SOC, and ISO. |
4 | | -services: firewall |
| 3 | +description: Learn about Azure Firewall compliance certifications including CSA STAR, ISO, SOC, PCI DSS, HITRUST, FedRAMP, and DoD across global and industry-specific audit programs. |
5 | 4 | author: duongau |
6 | 5 | ms.service: azure-firewall |
7 | 6 | ms.topic: concept-article |
8 | | -ms.date: 04/28/2023 |
| 7 | +ms.date: 03/28/2026 |
9 | 8 | ms.author: duau |
10 | 9 | # Customer intent: "As a compliance officer in a regulated industry, I want to review the certifications of Azure Firewall, so that I can ensure it meets the necessary regulatory requirements for our organization." |
11 | 10 | --- |
12 | 11 |
|
13 | 12 | # Azure Firewall certifications |
14 | 13 |
|
15 | | -To help you meet your own compliance obligations across regulated industries and markets worldwide, Azure maintains the largest compliance portfolio in the industry both in terms of breadth (total number of offerings) and depth (number of [customer-facing services](https://azure.microsoft.com/services/) in assessment scope). |
| 14 | +To help you meet your own compliance obligations across regulated industries and markets worldwide, Azure maintains the largest compliance portfolio in the industry both in terms of breadth (total number of offerings) and depth (number of [customer-facing services](https://azure.microsoft.com/services/) in assessment scope). |
16 | 15 | For service availability, see [Products available by region](https://azure.microsoft.com/global-infrastructure/services/). |
17 | 16 |
|
18 | 17 | ## Azure Firewall audit scope |
19 | 18 |
|
20 | | -Microsoft retains independent, third-party auditing firms to conduct audits of Microsoft cloud services. The resulting compliance assurances are applicable to both Azure and Azure Government cloud environments. Compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region/country specific. Azure compliance certificates and audit reports state clearly which cloud services are in scope for independent third-party audits. Different audits may have different cloud services in audit scope. |
| 19 | +Microsoft retains independent, third-party auditing firms to conduct audits of Microsoft cloud services. The resulting compliance assurances apply to both Azure and Azure Government cloud environments. Compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region or country specific. Azure compliance certificates and audit reports clearly state which cloud services are in scope for independent third-party audits. Different audits might have different cloud services in audit scope. |
21 | 20 |
|
22 | | -Azure Firewall is included in many Azure compliance audits such as CSA STAR, ISO, SOC, PCI DSS, HITRUST, FedRAMP, DoD, and others. For the latest insight into Azure Firewall compliance audit scope, see [Cloud services in audit scope](/azure/compliance/offerings/cloud-services-in-audit-scope). |
| 21 | +Azure Firewall is included in many Azure compliance audits. The following list shows the key certifications by category: |
| 22 | + |
| 23 | +**Global, industry, and regional:** |
| 24 | +- CSA STAR |
| 25 | +- ISO/IEC 27001, 27017, and 27018 |
| 26 | +- SOC 1 Type 2, SOC 2 Type 2, and SOC 3 |
| 27 | +- PCI DSS Level 1 |
| 28 | +- HIPAA BAA |
| 29 | +- HITRUST CSF |
| 30 | +- GSMA |
| 31 | + |
| 32 | +**US government:** |
| 33 | +- FedRAMP High |
| 34 | +- DoD IL2, IL4, IL5, and IL6 (Azure Government) |
| 35 | + |
| 36 | +For the authoritative and up-to-date list of which Azure services are in each audit scope, see [Cloud services in audit scope](/azure/compliance/offerings/cloud-services-in-audit-scope). |
23 | 37 |
|
24 | 38 | ## Next steps |
25 | 39 |
|
|
0 commit comments