-
Solutions
-
Airlines
-
Airports
-
Border Authorities
-
Corporate Travel & Expense
-
Integrations
-
Travel Sellers
-
-
Payments & e-invoicing
-
AI at AmadeusDriving integration, scalability, trust and integrity across the travel industry.
Learn more -
Unlocking the power of AI agents in travelIn this whitepaper, Amadeus and Microsoft explore how AI agents and modern data platforms are improving travel at every stage.
Learn more
-
-
Support & Training
-
Already a customer?Log into Amadeus Service Hub for product news, learning materials, and customer support.
Login
-
-
-
Transforming travel with AIOur partnership with Microsoft accelerates our Cloud journey and unlocks new, AI‑powered innovations that strengthen and elevate the travel industry.
Learn more -
Landmark partnership between Amadeus and Google CloudLearn how this collaboration strengthens Amadeus' multi-cloud approach and AI innovation to improve efficiency, reliability and growth in travel.
Learn more
-
-
-
Trending Topics
-
Connected journeys: How will technology transform travel in the next decade?From AI-driven planning and biometric check-ins to smarter disruption management.
Read the report -
Six travel trends that will redefine how we travel in 2026 and beyondAmadeus, in collaboration with Globetrender, unveils the tech, policy and innovation coming to transform the face of travel.
Discover now
-
-
Company
-
About Amadeus
-
Careers
-
Innovation
-
Sustainability
Learn how we’re working to make travel a force for good.
-
Amadeus Global ReportGain insights into Amadeus' 2025 business, financial performance, and sustainability.
Read the report -
-
-
- Home
- Privacy and Legal Notices
- Amadeus IT Compliance Reports and Certificates Repository
Amadeus IT Compliance Reports and Certificates Repository
In this portal, our independent audit reports and certificates which provide information about Amadeus’ IT Compliance requirements, such as International Organization for Standardization (ISO), Payment Card Industry Standards (PCI) and System and Organization Controls (SOC), are available. Customers may request copies of these reports and certificates through this portal. Please note that some reports require internal Amadeus approval and signature of a non-disclosure agreement.
SOC Audit Report
The System and Organization Controls (SOC) framework was developed by the American Institute of Certified Public Accountants (AICPA). SOC reports are internal control reports that are generated by Certified Public Accountants (CPAs) after they audit the services provided by a service organization. SOC reports can help companies assess and address the risks that are associated with vendors who provide an outsourced service.
At Amadeus we provide:
- SOC 1- audit of the internal controls at a service organization, implemented to protect data that is relevant for financial reporting. SOC 1 audits and reports are based on the Statement on Standards for Attestation Engagements (SSAE 18) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402).
- SOC 2- audit that is based on the AICPA Trust Service Principles and Criteria to gauge service organization internal controls that are implemented to protect customer-owned data. SOC 2 reports provide details about the nature of those internal controls
Customers can request Amadeus’ SOC1 and SOC2 reports using the link at the top or bottom of this page.
ISO/IEC 27001 Certification
The ISO/IEC 27000 family of standards provides a framework for policies and procedures that include the controls involved in an organization’s information risk management processes. The ISO/IEC 27001 security standard specifies an Information Security Management System (ISMS) consisting of the policies, procedures, guidelines, and associated resources and activities, collectively managed by an organization, in the pursuit of protecting its information assets. As a formal specification, it mandates requirements that define how to implement, monitor, maintain, and continually improve the ISMS. Certification to ISO/IEC 27001 helps organizations comply with numerous regulatory and legal requirements that relate to information security.
The ISO 27001 certification details can be viewed here:British Standards Institute - Certificate evidence.
Customers can also request Amadeus’ ISO 27001 Certificate using the link at the top or bottom of this page.
PCI DSS Certification
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit credit card information maintain a secure environment.
The Payment Card Industry Security Standards Council (PCI SSC), launched in 2006 and driven by the credit card brands, manages the ongoing evolution of the standards.
Amadeus is a PCI DSS Certified Service Provider since 2009 and is certified with the current version of PCI DSS. Compliance validation is performed by an external Qualified Security Assessor (QSA) and certification needs to be revalidated on a yearly basis.
Amadeus is listed on theVISA Global Registry of Service Providers and in the Mastercard SDP Compliant Registered Service Provider list, which can be found (by scrolling down to view the PDF file) directly on theMastercard sitein the following section:
Customers can also request the latest Amadeus PCI DSS Certificates and Attestations of Compliance using the link at the top or bottom of this page.