|Reference||ISO/IEC 27018 ed1.0 withdrawn corrigendum||
|Title||Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors|
|Abstract||ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, ISO/IEC 27018:2014 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.
ISO/IEC 27018:2014 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations.
The guidelines in ISO/IEC 27018:2014 might also be relevant to organizations acting as PII controllers; however, PII controllers can be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. ISO/IEC 27018:2014 is not intended to cover such additional obligations.
|Technical Committee||JTC 1/SC 27 - IT security techniques|
|Work in progress||
Quick access by ref. number
|Your basket is empty|
|Accepted credit cards:|
|Prices in CHF (Swiss francs)|
|Request a pro forma to pay by bank transfer or cheque|
|Learn how to share your publications with your colleagues, using networking options|
- CISPR 16-SER Ed. 1.0
- IEC 62489-1-am1 Ed. 1.0
- IEC 60901-am6 Ed. 2.0
- CISPR 16-1-6 Ed. 1.0
- CISPR 16-1-5 Ed. 2.0
- IEC 62489-1 Ed. 1.1
- ISO/IEC 24775-5 Ed. 1.0