UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC 27018

Information technology - Security techniques - Code of practice for PII protection in public cloud acting as PII processors

inactive
Buy Now
Organization: ISO
Publication Date: 7 January 2014
Status: inactive
Page Count: 32
ICS Code (Information coding): 35.040
scope:

This International Standard establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

In particular, this International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.

This International Standard is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations.

The guidelines in this International Standard might also be relevant to organizations acting as PII controllers; however, PII controllers might be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. This International Standard is not intended to cover such additional obligations.

Document History

ISO/IEC 27018
January 1, 2019
Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy...
ISO/IEC 27018
January 7, 2014
Information technology - Security techniques - Code of practice for PII protection in public cloud acting as PII processors
This International Standard establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with...

References

This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO/IEC 29100 - Information technology - Security techniques - Privacy framework
Published by ISO on December 15, 2011
This International Standard provides a privacy framework which - specifies a common privacy terminology; - defines the actors and their roles in processing personally identifiable information (PII);...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document references:
ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements
Published by ISO on October 1, 2013
This International Standard specifies the requirements for establishing, implementing, maintain and continually improving an information security management system within the context of the...
This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO/IEC 27005 - Information technology - Security techniques - Information security risk management
Published by ISO on July 1, 2018
This document provides guidelines for information security risk management. This document supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory...
This document is referenced by:
ITU-T Y.3502 - Information technology – Cloud computing – Reference architecture
Published by ITU-T on August 1, 2014
This Recommendation | International Standard specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities,...
This document is referenced by:
ITU-T X.1631 - Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Published by ITU-T on July 1, 2015
This Recommendation | International Standard gives guidelines for information security controls applicable to the provision and use of cloud services by providing: – additional implementation...
This document is referenced by:
BS EN ISO/IEC 27017 - Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Published by BSI on December 31, 2015
A description is not available for this item.
This document is referenced by:
SR 003 391 - Cloud Standards Coordination Phase 2; Interoperability and Security in Cloud Computing
Published by ETSI on February 1, 2016
The present document presents the initial results of the analysis of interoperability and security in Cloud Computing
View Less
View All
Advertisement