You're safe with us

The System and Organisation Controls (SOC) framework, developed by the American Institute of Certified Public Accountants (AICPA), based on the AICPA Trust Service Principles and Criteria, validates service organisations’ internal controls implemented to protect customer-owned data.

Maersk has successfully completed the AICPA Service Organisation Control SOC 2 Type II audit. The audit confirms that Maersk’s information security practices, policies, procedures, and operations meet the SOC standards for security, availability, and confidentiality. Our adherence with these standards is validated annually by an external audit. We are able to assure our customers that, whichever Maersk service they utilise, their data is protected to the highest industry Cyber Security standards.

*Certificate available on request.

The International Standards Organisation (ISO) is an independent, non-governmental organisation with a membership of 164 national standards bodies. The ISO goal is to ensure that delivered products and services are safe, reliable and of good quality, with ISO 27001 being the industry standard for maintaining an effective Information Security Management System (ISMS).

Maersk has been independently assessed and certified to the ISO 27001:2013 standard for all infrastructure and applications supporting authentication services on the Maersk.com digital platform.

*Certificate available on request.

The UK Cyber Essentials Plus certification helps guard against the most common cyber threats and demonstrates Maersk's commitment to cyber security. It represents a higher level of security assurance than the basic Cyber Essentials certification. Cyber Essentials Plus provides extra reassurance for our public sector customers in the United Kingdom.

*Certificate available on request.

The European Union created the status of Authorised Economic Operator (AEO) in order to grant customs flexibilities and priority treatment to companies able to demonstrate the security of their import and export procedures.

In October 2008 A.P. Moller-Maersk received AEO-F certification. This certification gives us a strengthened partnership with customs and greater responsibility for fraud prevention and managing safety and security risks. AEO status assures our business partners that we fully adhere to safety and security standards, making the supply chain safer.

Maersk is AEO certified in 25 countries (Sweden, Norway, United Kingdom, Germany, Belgium, Netherlands, Indonesia, Spain, Poland, Denmark, Italy, Switzerland, France, Thailand, Czech Republic, Austria, Kenya, United Arab Emirates, Ireland, Slovenia, Israel, Finland, Uganda, Portugal, China) and aims to become a trusted partner of Customs at a global level. We are also CTPAT certified in the United States and Canada, an equivalent of AEO.

At Maersk we limit our exposure to cardholder data by using third party payment gateways and payment processors. We however ensure that these payment gateways/processors are secure and are PCI DSS complaint. Self-Attestation Questionnaires (SAQs) are completed for our Acquiring Banks as requested or applicable in a particular region where we process card payments.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) Customer Security Programme (CSP) is a set of suggested and mandatory controls that all institutions that are SWIFT customers must comply with. The SWIFT CSP program aims at detection and prevention of fraudulent activity by means of a set of mandatory security controls defined under the SWIFT Customer Service Control Framework (CSCF) and community-wide information sharing initiative.

Customs-Trade Partnership Against Terrorism (C-TPAT) is a United States Customs and Border Protection (CBP) initiative. C-TPAT is a voluntary program where participants work to protect supply chains from the concealment of terrorist weapons, including weapons of mass destruction. This partnership is for organizations involved in the global supply chain including United States importers, customs brokers, terminal operators, carriers and foreign manufacturers.

A.P. Moller-Maersk Line has held C-TPAT as a marine carrier since July 2002.

Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry. The TISAX label confirms that a company’s information security management system complies with defined security levels and allows sharing of assessment results across a designated platform.

Maersk is working closely with the automotive sector to ensure that we meet all their requirements.