At TikTok, the top priority is the safety, security, and privacy of the community. They are always working to enhance and advance our security efforts to safeguard the platform as a destination for self expression, creativity, and joy. That’s why TikTok is proud to announce that they are officially ISO 27001 certified in the US and UK, with Singapore, Ireland, and India soon to follow! The ISO certification is one of the most globally recognized information security standards, demonstrating our investment in the people, processes, and technology to keep our global community safe.
A critical part in building a world class global security organization includes testing their defenses by collaborating with external partners. TikTok continues to welcome security, privacy, and policy experts to review their code and algorithm at TikTok’s Transparency and Accountability Center. During the ISO certification process, independent third party auditors performed a series of rigorous checks to confirm TikTok’s global security, risk, and controls operations meet the highest standards. Core to this was evaluating how they protect their platform’s infrastructure, development, operations, and services, including:
- Demonstrating evidence of implementing and maintaining an effective Information Security Management System (ISMS) to safeguard data
- Validating a range of security controls to show TikTok’s alignment with security best practices
- Cross-functional collaboration across security, IT, legal, privacy, and HR teams to build a culture of security awareness
Achieving the ISO 27001 certification is another step in our comprehensive security journey, and this important work is ongoing, and always will be. TikTok remains focused on taking their efforts to the next level and leading the industry by persistently investing, iterating, and upholding their commitments to protect the vibrant TikTok community.