By Roland Cloutier, TikTok Chief Information Security Officer
At TikTok, our top priority is the safety, security, and privacy of our community. We're always working to enhance and advance our security efforts to safeguard the platform as a destination for self expression, creativity, and joy. That's why we're proud to announce that TikTok is officially ISO 27001 certified in the US and UK, with Singapore, Ireland, and India soon to follow! The ISO certification is one of the most globally recognized information security standards, demonstrating our investment in the people, processes, and technology to keep our global community safe.
A critical part in building a world class global security organization includes testing our defenses by collaborating with external partners. We continue welcoming security, privacy, and policy experts to review our code and algorithm at TikTok’s Transparency and Accountability Center. During the ISO certification process, independent third party auditors performed a series of rigorous checks to confirm TikTok's global security, risk, and controls operations meet the highest standards. Core to this was evaluating how we protect our platform's infrastructure, development, operations, and services, including:
- Demonstrating evidence of implementing and maintaining an effective Information Security Management System (ISMS) to safeguard data
- Validating a range of security controls to show TikTok's alignment with security best practices
- Cross-functional collaboration across security, IT, legal, privacy, and HR teams to build a culture of security awareness
Achieving the ISO 27001 certification is another step in our comprehensive security journey, and this important work is ongoing, and always will be. We remain focused on taking our efforts to the next level and leading our industry by persistently investing, iterating, and upholding our commitments to protect the vibrant TikTok community.