Question about ISO 27018 certification
I am trying to determine if ISO 27018 is certifiable same as ISO27001. If not how are companies saying they have a certificate. How does that work?
Assign topic to the user
ISO 27018 is not a certifiable standard. It can be used to support the implementation of controls of ISO 27001 Annex A (this one is a certifiable standard), providing additional guidance to implement security practices to protect privacy in the cloud.
What happens is that some certification bodies issue unofficial ISO 27018 certificates, but only together with an official ISO 27001 certificate.
This article will provide you a further explanation about ISO 27018:
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
Comment as guest or Sign in
Jul 22, 2020