ISO/IEC 27018:2019
Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
What is ISO/IEC 27018:2019?
ISO/IEC 27018:2019 is a set of guidelines and controls that enhance ISO 27001 (the standard for building an information security management system or ISMS), and is created specifically for data privacy in cloud computing.
ISO/IEC 27018:2019 is to establish controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII).
ISO/IEC 27018:2019 helps cloud service providers to better manage the data security risks unique to PII in cloud computing.
Who can apply for ISO/IEC 27018:2019?
This certification is applicable to all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which provide information
processing services as PII processors via cloud computing under contract to other organizations.