Our Amazon Multi-Channel Fulfillment (MCF) and Buy with Prime merchants entrust us to protect critical assets that are core to their business and mission. These assets include inventory and data, which means that safeguarding them is a priority for us.
Amazon successfully achieved updated ISO 27001:2022 certification for Multi-Channel Fulfillment and Buy with Prime in 2024.
ISO 27001 is a rigorous, third-party independent assessment of the international standard for Information Technology Security. Published by the International Organization for Standardization (ISO), ISO 27001 is a widely-adopted global security standard that sets requirements and best practices for managing company and customer information based on periodic risk assessments appropriate to ever-changing threat scenarios. While Amazon held an ISO 27001:2013 certification for Buy with Prime and MCF, ISO 27001:2022 is a significant development from the 2013 certification, with changes that address the evolving threats and complexities of information security. ISO 27001:2022 adds 11 new controls to address modern security challenges, including physical security monitoring, readiness for business continuity, and web filtering.
To achieve the certification, an organization must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information. This certification reinforces Amazon’s commitment to providing transparency into our security controls and assures merchants that we follow industry-leading security best practices.
Schellman & Company, LLC, an independent, industry recognized auditor, originally issued the certificate on November 8, 2024. The scope of the ISO 27001:2022 certificate includes MCF, Buy with Prime, and Supply Chain Portal. You can view and download Amazon’s 27001:2022 certificate for MCF and Buy with Prime on demand online.
