Differences between ISO 27017 and ISO 27018

Guest user Created:   Jul 05, 2016 Last commented:   Jul 05, 2016


Can you please explain the difference between ISO 27017, ISO 27018 and the document controls and assurance in the cloud using COBIT 5?
Antonio Jose Segovia Jul 05, 2016

Answer:
Sure, the main difference is that ISO 27017 is about information security controls for cloud services (generic), and ISO 27018 is specifically developed for protecting privacy in the cloud.

Regarding document controls and assurance in the cloud using COBIT 5, we do not have specific information about this, because we are experts in ISO standards (27001, ISO 27002, ISO 22301), and the philosophy of COBIT is a bit different (it has a different scheme of certification). Also remember that COBIT is specifically developed for IT governance, so I am not sure if it is the best option for you.

Concluding: If you are interested in the security of cloud computing, ISO 27017 and ISO 27018 are specific standards developed for this, and they are also compatible with ISO 27001 (Information Security Management System) and ISO 38500 (Governance of Information Security).

By the way, these articles may be interesting for you:

"ISO 27001 vs. ISO 27017 - Information security controls for cloud services" : https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/

"ISO 27001 vs. ISO 27018 - Standard for protecting privacy in the cloud" : https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/

Finally, remember that our online course is very interesting for learning the fundamentals of ISO 27001: “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
