Expert Advice Community

Guest

Conformio and ISMS

  Quote
Guest
Guest user Created:   Apr 24, 2021 Last commented:   Apr 24, 2021

Conformio and ISMS

Sorry bother you so much, I've implemented the 9K, 14K and 18K a few times already but it's the first time on 27K.

So I've got another question for you.

I'm trying to achieve the 27001, 27017 and 27018 at the same time, which are the main ones for any SaaS company. 

So for instance, the Information Security Policy is mandatory for all of them, however when I open the doc we have in the platform it seems not to cover 27017 and 27018.

So my question is, should I request those specific docs straight for you? If we you guys have it as well.

There aren't many docs but they are important for the ISMS compliance.

Thanks one more time for your amazing help/work.

1 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Apr 24, 2021

First is important to note that unless you have specific requirements demanding the implementation of ISO 27017 and ISO 27018 (e.g., laws, regulations, or contracts), ISO 27001 is fully capable to provide required information security for cloud environments.

Considering that, to implement an ISMS compliant with ISO 27001, ISO 27017, and ISO 27018, the best approach would be to use the ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit, and do not use Conformio. Currently, Conformio does not cover ISO 27017 and ISO 27018 requirements.

In case you decide to use the toolkit you’d need to buy it, and since you are our existing customer, we can offer you a discount.

These articles will provide you a further explanation about ISO 27017 and ISO 27018:
- ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 24, 2021

Apr 24, 2021

Suggested Topics