Expert Advice Community

Home / ISO 27001 & 22301 / Cloud service customers and ISO 27018

Guest

Cloud service customers and ISO 27018

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Sep 17, 2016 Last commented:   Sep 17, 2016

Cloud service customers and ISO 27018

ISO 27001 & 22301
Can cloud service customers be certified against ISO 27018?
0 0

Assign topic to the user

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.

ISO 27001 FOUNDATIONS COURSE

Everything you need to know about ISO 27001.
Expert
Rhand Leal Sep 17, 2016

Answer:

ISO 27018 is not a certifiable standard. It is a code of practice that can be used to support certifiable management systems, like ISO 27001 for information security management systems. For more information click [here]( https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/)
So, a cloud service customer could be certified against ISO 27001 and include in his/her Statement of Aplicability (SOA) controls with ISO 27018 recomendations, but this decision is up to him/her, and cannot be enforced. To know more about SOA click [here](https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/)

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 17, 2016

Sep 17, 2016

Suggested Topics
Guest user Created:   Dec 02, 2016 ISO 27001 & 22301
Replies: 1
0 0

ISO 27017 and ISO 27018 implementation
Guest user Created:   Jun 14, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 toolkit
Guest user Created:   Jun 08, 2022 ISO 27001 & 22301
Replies: 1
0 1

Advisera ISO toolkit ISO27017 ISO27018