Guest user Created: May 08, 2019 Last commented: May 08, 2019

ISO 27017/27018 controls

Following on from ISO 270017/18 docs combined with ISO 27001 - Are there any controls that only relate to SO 270017/18 and not 27001 ?

0 0

Assign topic to the user

Select user

Expert

Dejan Kosutic May 08, 2019

Answer:

The best way to see which controls are specific for ISO 27017 and ISO 27018 is to open a template Statement of Applicability (folder 06 Applicability of Controls in the ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit), and scroll to sections "3.2. ISO 27017 specific controls cloud services" and "3.3. ISO 27018 specific controls for processing Personally Identifiable Information (PII)" - there you will see controls from both of these standards.

To see which of the controls is covered in which of the templates in the toolkit, open the "List of documents" (a PDF document located in the root folder of the toolkit) - in the column "Relevant clauses in the standard" you will find the necessary information.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 08, 2019

Expert Advice Community