Compliance and Ratings

Teraco Icon
About teraco 4

International Data Centre Standards

Strict adherence to these standards is a critical part of our service levels

As enterprises continue to grow their data and reliance on the online world, data maintenance, storage, accessibility, and connectivity become increasingly critical to business operations. This means it is essential that your data centre infrastructure partner meets a variety of compliance and information security standards. Teraco Data Environments, Africa’s interconnection and vendor-neutral data centre, has implemented strict controls to meet industry standards, enabling more than 570 local and global organisations to host their data and critical applications in our compliant colocation facilities. Teraco has, through experience in a continually evolving landscape, developed a comprehensive compliance programme that addresses the compliance needs and requirements of its clients’ most stringent requirements across all facilities.

Our Certifications



PCI DSS Compliant

Payment Card Industry Data Security Standards

A set of security standards formed in 2004 and governed by the Payment Card Industry Security Standards Council (PCI SSC), the compliance scheme aims to secure credit and debit card transactions against data theft and fraud.

The PCI Security Standards Council offers comprehensive standards and supporting materials to enhance data security for the payment card industry. These materials include a framework of specifications, tools, measurements and support resources to help organisations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents.

Teraco is certified for the physical security requirements of PCI DSS.

About PCI-DSS Certification


ISO Certified

International Organization for Standardization

ISO is the world’s largest developer of voluntary International Standards and provides state-of-the-art specifications for products, services and good practices. This enables industry to be more efficient and effective. Teraco obtains ISO certifications for all its data centre facilities. The Integrated Management System (IMS) assists with standardising operations and reducing risk and is an integral part of Teraco’s business model.

Our facilities are certified and under the following standards:

ISO/IEC 27001:2022 Standard

Information Security, Cybersecurity and Privacy Protection Management

ISO 27001 is an internationally recognised best practice framework that specifies the requirements for establishing, implementing, maintaining, and continually improving an Information Security, Cybersecurity and Privacy Protection Information Security Management System (ISMS). This systematic approach to managing sensitive company information, encompassing people, processes, and IT systems, is vital in ensuring the security and integrity of your data.

Key Benefits

  • Global standard: ISO 27001 is widely acknowledged as the de-facto standard for information security management.
  • Demonstrated commitment: It showcases our clear commitment to information security management to third parties and stakeholders.
  • Interoperability: ISO 27001 provides a framework for interoperability between organisations.
  • Client confidence: It instils confidence in our clients and stakeholders regarding how we manage risks and minimise exposure.
  • Compliance support: It aids in compliance with other standards.
  • Consistency in service delivery: ISO 27001 creates consistency in our service delivery, ensuring a reliable and secure environment for your operations.

ISO 9001:2015 Standard

Quality Management Systems

ISO 9001 is a certified quality management system (QMS) for organisations who want to demonstrate their ability to consistently provide products and services that meet the needs of their customers and other relevant stakeholders.

Key Benefits

  • Optimising operation efficiencies
  • Enhancing client satisfaction
  • Identifying and encouraging more efficient, time saving processes
  • Highlighting deficiencies
  • Increasing standardisation across the portfolio
  • Providing for continuous assessment and improvement
  • Including provisions for business continuity

ISO 14001:2015 Standard

Environmental Management Systems

ISO 14001:2015 is an International Standard that provides organisations with a framework to protect the environment and respond to changing environmental conditions in balance with socio-economic needs. An effective environmental management system enables effective and systematic environmental management, performance monitoring and improvement including promoting the efficient use of resources, the reduction and safe disposal of waste and minimisation of environmental impact.

Key Benefits

  • Prevent/mitigate adverse environmental impacts
  • Mitigate potential adverse effects of environmental conditions on the organisation
  • Assist in fulfilling environmental compliance obligations
  • Enhanced environmental performance
  • Improved environmental procurement decisions
  • Greater environmental awareness

ISO 50001:2018 Standard

Energy Management Systems

ISO 50001:2018 is an International Standard that provides organisations with a framework to establish an effective energy management system that leads to the systematic, data-driven and continual improvement of a company’s energy performance, including energy efficiency, energy use and energy consumption.

Key Benefits

  • Enhanced energy performance
  • Increased energy efficiency
  • Reduction in greenhouse gas emissions
  • Improved energy procurement decisions
  • Greater energy awareness


ISAE 3402

ISAE 3402 Type 2 Attestation

Information Security Management

Report on Controls at a Service Organisation Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.

Teraco has obtained the International Standard on Assurance Engagements ISAE 3402 Type 2 Attestation, for the trust principles of security and availability, for its data centres in South Africa. This supplements Teraco’s existing PCI DSS certification for physical security. Assessed by independent auditors, the ISAE examinations demonstrate Teraco’s commitment to the highest standards of operational excellence for its 570+ clients. Compliance sensitive clients, such as financial firms, healthcare industries and publicly traded enterprises, often require ISAE 3402 and PCI DSS reports to validate security and availability controls.

ISAE 3402 are internationally recognized standards that report on operational controls supporting the data centre services that Teraco provides to clients. The report focuses on an organisation’s services provided, along with supporting processes, policies, procedures, personnel and operational activities that constitute the core activities relevant to users.

About ISAE-3402 Certification


ESG Rating

Ecovadis Silver Medal

Ecovadis Sustainability Rating

What is ESG’s score rating?

An ESG rating can be broken down into three categories which are typically interconnected:

Environmental score

The Environmental score of an ESG rating deals with factors that affect the natural environment such as carbon emissions, natural resources, energy efficiency, waste management, and raw material sourcing. Factors that can negatively affect the Environmental score are irresponsible management of materials and waste, toxic emissions, and a lack of sustainable sourcing.

Social Score

The Social score of an ESG rating is determined by customer satisfaction, human rights, labor standards, diversity and inclusion, data security, and privacy. Opposition from stakeholders can arise from controversial sourcing and poor working conditions within the supply chain.

Governance score

The Governance score in an ESG rating examines the operating practices and standards of a company.

To receive a high Governance score, a company must be:

  • Self-auditing
  • Consistently measuring and evaluating performance
  • Maintaining regulatory relationships
  • Practicing risk management
  • Compensating for achieving ESG goals

Investors want to see companies that practice strong business ethics, as well as provide transparency for stakeholders, customers, and employees.

How does the ESG score work?

The ESG score works by compiling data about the subject and weighing the issues against a standard scale. The EcoVadis ESG score examines the performance of a company across several themes, taking into account emissions, human rights, procurement sustainability, and more.

Why is ESG investing important?

Investors are placing more importance on non-financial factors when it comes to the analytic process in order to identify risk and potential room for growth. An ESG score helps to identify where a company stands in regards to its environmental, social, and governance practices, which can be indicative of operations that bring risks to investors, customers, and the global community.

Key takeaways
  • ESG ratings help investors to evaluate risks within a supply chain, as well as help identify areas of improvement.
  • A good ESG rating is a quick and standardized way for investors, customers, and employees to gauge where a company stands in terms of environmental, social, and governance practices.
About Ecovadis


VMware Zero Carbon Committed

VMWare Zero Carbon Committed

VMware Zero Carbon Committed

Partnering for a sustainable future

VMware Zero Carbon Committed providers have set goals to power data centres with 100% renewable energy or achieve carbon neutrality on or before 2030.

*VMware Cloud Verified Providers who host their cloud platforms at the Teraco data centre facilities can leverage Teraco’s sustainability commitment to attain Zero Carbon Committed status.

About VMWare Zero Carbon Committed