Expert Advice Community

Home / ISO 27001 & 22301 / Cloud service customers and ISO 27018

Guest

Cloud service customers and ISO 27018

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Sep 17, 2016 Last commented:   Sep 17, 2016

Cloud service customers and ISO 27018

ISO 27001 & 22301
Can cloud service customers be certified against ISO 27018?
0 0

Assign topic to the user

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Sep 17, 2016

Answer:

ISO 27018 is not a certifiable standard. It is a code of practice that can be used to support certifiable management systems, like ISO 27001 for information security management systems. For more information click [here]( https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/)
So, a cloud service customer could be certified against ISO 27001 and include in his/her Statement of Aplicability (SOA) controls with ISO 27018 recomendations, but this decision is up to him/her, and cannot be enforced. To know more about SOA click [here](https://advisera.com/27001academy/knowledgebase/the-importance-of-statement-of-applicability-for-iso-27001/)

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 17, 2016

Sep 17, 2016

Suggested Topics
Guest user Created:   Dec 02, 2016 ISO 27001 & 22301
Replies: 1
0 0

ISO 27017 and ISO 27018 implementation
Guest user Created:   Jun 14, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 toolkit
Guest user Created:   Jun 08, 2022 ISO 27001 & 22301
Replies: 1
0 1

Advisera ISO toolkit ISO27017 ISO27018