ISO/IEC 27018

ISO (International Organization for Standardization)
IEC (International Electrotechnical Commission)

What is ISO/IEC 27018 ?

ISO/IEC 27018 is a security standard and was the first international standard regarding the privacy in cloud computing services. It was published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). 

ISO is an independent, non-governmental international organization with a membership of 165 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant international standards that support innovation and provide solutions to global challenges. 

This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. 

ISO/IEC 27018 applies to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations. 

This solution will help your organisation to fulfill the requirements of this standard.