ISO 27018 Services
ISO 27018, also known as ISO/IEC 27018 Code of Practice for Protection of Personally Identifiable Information (PII) in Public Clouds Acting as PII Processors, is a standard designed for cloud computing organizations. The guidance within ISO 27018 has controls designed specifically for Cloud Service Providers who handle personally identifiable information.
This standard creates an additional level of customer confidence, specifically when working with organizations who handle sensitive information, by providing the practical application of minimum protection standards that should be implemented, to maximize client and end-user assurance.
About ISO 27018 Services
ISO 27018 augments existing ISO 27002 controls to provide detailed guidance for how to approach cloud privacy and the security of personal information. There are several new controls specifically for cloud privacy that are in addition to the controls defined in the ISO 27001 and ISO 27002 standards including:
- Customer and end-user control of personal information
- Restrictions on the disclosure and access of personal information to third-parties
- Treatment of media containing personally identifiable information
By including these controls in the scope of your ISO 27001 certification, organizations can demonstrate their conformance to this cloud-specific standard. To learn more about the ISO 27001 certification process, click here.
ISO 27018 Solutions Tailored to Your Company
Choosing A-LIGN as your partner benefits your organization by:
- Offering controls tailored specifically for cloud organizations handling PII.
- Providing you with our experienced team of auditors with extensive knowledge and experience in ISO 27018.
- Demonstrating the maturity of your cloud environment’s information security management system.
The A-LIGN Edge
Our customized compliance solutions and streamlined audit process allow you to meet all of your audit and compliance needs with a single service provider. One-stop shopping means a stress-free audit process for you, as you work with one team who understands the unique needs of your organization. See what our clients have to say: