About Teraco

Certifications and Compliance

Our strict adherence to international business best practice and data centre standards is a critical part of our service levels.

As enterprises continue to grow their data and reliance on the online world, data maintenance, storage, accessibility, and connectivity become increasingly critical to business operations. This makes it essential that your data centre infrastructure partner can meet a variety of compliance and information security standards.

Teraco Data Environments, Africa’s interconnection and vendor-neutral data centre has implemented strict controls to meet industry standards, enabling more than 570 local and global organisations to host their data and critical applications in our compliant colocation facilities.

Teraco has, through experience in a continually evolving landscape, developed a comprehensive compliance program that addresses the compliance needs and requirements of its clients’ most stringent requirements across all facilities.

These include:



The Payment Card Industry Data Security Standards

A set of security standards formed in 2004 and governed by the Payment Card Industry Security Standards Council (PCI SSC), the compliance scheme aims to secure credit and debit card transactions against data theft and fraud.

The PCI Security Standards Council offers comprehensive standards and supporting materials to enhance data security for the payment card industry. These materials include a framework of specifications, tools, measurements and support resources to help organisations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents.

Teraco is certified for the physical security requirements of PCI DSS.

International Organization for Standardization (ISO)

ISO is the world’s largest developer of voluntary International Standards and provides state-of-the-art specifications for products, services and good practices. This enables industry to be more efficient and effective.

Teraco obtains ISO certifications for all its data centre facilities. The Integrated Management System (IMS) assists with standardising operations and reducing risk. It is an integral part of Teraco’s business model and includes the following standards under which our facilities are certified:

ISO 9001:2015 Logo

ISO 9001:2015 STANDARD

Quality Management

ISO 9001 is a certified quality management system (QMS) for organisations who want to demonstrate their ability to consistently provide products and services that meet the needs of their customers and other relevant stakeholders.

Key benefits include:

  • Optimising operation efficiencies
  • Enhancing client satisfaction
  • Identifying and encouraging more efficient, time saving processes
  • Highlighting deficiencies
  • Increasing standardisation across the portfolio
  • Providing for continuous assessment and improvement
  • Including provisions for business continuity
ISO 27001:2013 Logo


Information Security Management

An internationally recognized best practice framework that specifies the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). ISMS is a systematic approach to managing sensitive company information including people, processes and IT systems.

Key benefits include:

  • ISO 27001 is the de-facto standard for information security management
  • Demonstrates a clear commitment to information security management to third parties and stakeholders
  • Provides for interoperability between organisations
  • Giving clients and stakeholders confidence in how risk is managed and minimising exposure to risk
  • Helping with compliance for other standards
  • Creating consistency in service delivery
ISAE 3402 Logo

ISAE 3402 Type 2 Attestation

Information Security Management

Report on Controls at a Service Organisation Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy.

Teraco has obtained International Standard on Assurance Engagements ISAE 3402 Type 2 Certification, for the trust principles of security and availability, for its data centres in South Africa. This supplements Teraco’s existing PCI DSS certification for physical security.

Assessed by independent auditors, the ISAE examinations demonstrate Teraco’s commitment to the highest standards of operational excellence for its 570+ clients. Clients that are compliance sensitive, such as financial firms, healthcare industries and publicly traded enterprises, often require ISAE 3402 and PCI DSS reports to validate security and availability controls.

ISAE 3402 are internationally recognized standards that report on operational controls supporting the data centre services that Teraco provides to clients. The report focuses on an organisation’s services provided, along with supporting processes, policies, procedures, personnel and operational activities that constitute the core activities relevant to users.