Compliance in Azure Bot Service

APPLIES TO: SDK v4

Azure Bot Service is a global Azure service and therefore is available to customers in all regions in the clouds where it's deployed, including:

  • Azure public cloud, which is available globally.
  • Azure Government is available in four regions in the United States to US government agencies and their partners.

To help customers meet their own compliance obligations across regulated industries and markets worldwide, Azure maintains the largest compliance portfolio in the industry in terms of both breadth (total number of offerings) and depth (number of customer-facing services in assessment scope). Azure compliance offerings are grouped into four segments - globally applicable, US Government, industry specific, and region or country/region specific. Compliance offerings are based on various types of assurances, including formal certifications, attestations, validations, authorizations, and assessments produced by independent third-party auditing firms, as well as contractual amendments, self-assessments, and customer guidance documents produced by Microsoft.

Azure Bot Service certifications

Azure Bot Service is continually expanding its certification coverage. Currently, Azure Bot Service is certified with the following certificates:

Globally applicable US Government Industry specific Region or country specific
CSA STAR Certification Chapter 508 HIPAA BAA Australia IRAP
CSA STAR Attestation DoD SRG Level 2 HITRUST EN 301 549
ISO 20000-1:2011 FedRAMP Moderate PCI DSS Level 1 Germany C5
ISO 22301:2012 GxP (FDA 21 CFR Part 11) WCAG 2.1 UK G-Cloud
ISO 27001:2013
ISO 27017:2015
ISO 27018:2014
ISO 9001:2015
SOC 1, 2, 3

To learn more about each of these compliance offerings and how they benefit you, see Microsoft compliance offerings page. In particular, see FedRAMP and WCAG.

The following table lists the certifications supported by Azure Bot Service in Azure Government:

Globally applicable US Government Industry specific
CSA STAR Certification CJIS HIPAA BAA
CSA STAR Attestation DoD SRG Level 2 PCI DSS
SOC 1, 2, 3 DoD SRG Level 4
FedRAMP High
IRS 1075
NIST CSF
NIST SP 800-171

Next steps

To find out the latest compliance certifications for Azure Bot Service, see the Overview of Azure compliance.

For more information about Microsoft certifications, see the Azure Trust Center.