Compliance
Avaya is committed to securing the data we process on behalf of our customers. We comply with laws, regulations, policies, and customer commitments.
Structured for success
Avaya’s Certifications Team oversees the engagement of independent third-party assessors to review the security of our cloud offerings. The team is strategically placed under the Ethics & Integrity umbrella to ensure independence and proper oversight. The current status of third-party certifications for our offers is below.
Security
Avaya maintains two security teams.
The Corporate Security team oversees the protection of people and assets and manages business continuity and crisis management planning initiatives to ensure the safety of our employees and operations.
The Information Security team ensures the protection and availability of Avaya’s information assets, which include information entrusted to us by our customers. We understand that threats to our network and information come from many different vectors and are extremely fluid. We approach security by:
- Security operations and best practices
- Platform and network security
- Availability and continuity incident response
- Continuous assessment and improvement


ISO 9001
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.

ISO 27001
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.

HIPAA Compliance
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.

PCI compliance
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.

FedRAMP compliance
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.

Trusted Cloud Provider
Learn more
ISO 9001
For a quality management system (QMS). This applies to Avaya’s design, development, sales, delivery, implementation, and services of our communication solutions. View or download the certification and scope at Certification by Schellman.

ISO 27001
Information security standard. This applies to AXP Public, AXP Private with AEC, and the Avaya Managed Services Platform. View or download the certifications with scope at Any Certification by Schellman.

HIPAA Compliance
To support customers in the health care industry, Avaya has implemented the appropriate security controls on Avaya Experience Platform, Avaya Enterprise Cloud, and the Avaya Managed Services Platform to issue a Business Associate Agreement. View the Compliance Status of Avaya Services.

PCI compliance
To support customers that process credit card data, Avaya has implemented appropriate security controls on the Avaya Experience Platform, Avaya Enterprise Cloud and Avaya Managed Services Platform. View the Compliance Status of Avaya Services.

FedRAMP compliance
To support U.S. Government customers, Avaya has implemented appropriate security controls on Avaya Government Cloud.

Trusted Cloud Provider
Trusted Cloud Provider status for Avaya Spaces and Avaya Experience Platform obtained from the Cloud Security Alliance.
Digital Operational Resilience Act (DORA)
The Digital Operational Resilience Act (DORA) is an EU regulation that aims to enhance financial entities' IT security and operational resilience, including banks, insurance companies, and investment firms. DORA mandates stringent requirements for ICT risk management, incident reporting, operational resilience testing, third-party risk management, and information sharing.
Sustainability