Shopping cart 0
Standard

ISO/IEC 27018:2014

Withdrawn

Note: This standard has a draft: ISO/IEC FDIS 27018

Preview

Corrigendums and amendments are bought separately.

Language
Services

Abstract

ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. In particular, ISO/IEC 27018:2014 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services. ISO/IEC 27018:2014 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations. The guidelines in ISO/IEC 27018:2014 might also be relevant to organizations acting as PII controllers; however, PII controllers can be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. ISO/IEC 27018:2014 is not intended to cover such additional obligations.

Document information

  • Standard from ISO
  • Published:
  • Withdrawn:
  • Expires:
  • Edition: 1
  • Version: 1
  • Document type: IS
  • Pages
  • ICS 35.030
  • ISO TC ISO/IEC JTC 1/SC 27

Product Relations

Product life cycle