ISO/IEC 27018:2019

Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors

What is ISO/IEC 27018:2019?
ISO/IEC 27018:2019 is a set of guidelines and controls that enhance ISO 27001 (the standard for building an information security management system, or ISMS) and was created specifically for data privacy in cloud computing.

The purpose of ISO/IEC 27018:2019 is to establish controls and guidelines for implementing measures to protect Personally Identifiable Information (PII).

ISO/IEC 27018:2019 helps cloud service providers to better manage the data security risks unique to PII in cloud computing.

Who can apply for ISO/IEC 27018:2019?
This certification is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations.


Why is ISO/IEC 27018:2019 important?

  • In addition to protecting your reputation, ISO/IEC 27018:2019 assures your customers and
    stakeholders that their personal information and data are being handled responsibly.
  • Ensures the highest level of security for personal information in order to maintain a competitive edge.
  • Enhances your brand and reduces the risk of adverse publicity due to data breaches.
  • Identifies and mitigates risk by having stringent privacy controls in place.
  • Ensures compliance with local regulations, hence reducing the risk of fines for data breaches.

Let GICG help you to position your brand differently! Speak to us today!

