06-18-2018 05:22 AM - edited 06-19-2018 12:12 AM
The Microsoft Trust senter is a good place to get information regarding security certifications. The security whitepaper a good place for security related issues for Power BI.
Also https://servicetrust.microsoft.com/ComplianceManager Compliance manager is a good tool to do risk assesments and se Microsofts own assesment. Here Power BI and Power BI for Offic365 is in scope for Office 365.
However I fail to understand if the certifications going under product/service Power BI also includes the On-premises gateway, or if the gateway is treated as a separate product. Since I do not know, I do not know if the gateway is ISO27001 certificatified.
An answer here and some clarificaiton in Trust Senter and the security whitepaper would be appreciated.