Differences between ISO 27017 and ISO 27018
Assign topic to the user
Answer:
Sure, the main difference is that ISO 27017 is about information security controls for cloud services (generic), and ISO 27018 is specifically developed for protecting privacy in the cloud.
Regarding document controls and assurance in the cloud using COBIT 5, we do not have specific information about this, because we are expert in ISO standards (27001, ISO 27002, ISO 22301), and the philosophy of COBIT is a bit different (has a different scheme of certification), and also remember that COBIT is specific developed for IT governance, so I am not sure if it is the best option for you.
Concluding: If you are interested in the security of cloud computing, ISO 27017 and ISO 27018 are specific standards developed for this, and also are compatible with ISO 27001 (Information Security Management System) and ISO 38500 (Governance of Information Security).
By the way, these articles can be interesting for you:
"ISO 27001 vs. ISO 27017 - Information security controls for cloud services" : https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
"ISO 27001 vs. ISO 27018 - Standard for protecting privacy in the cloud" : https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
Finally, remember that our online course is very interesting to learn the fundaments of ISO 27001 “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jul 05, 2016