Expert Advice Community

Guest

ISO 27001-ISO 27017 and ISO 27018

  Quote
Guest
Guest user Created:   May 20, 2020 Last commented:   May 20, 2020

ISO 27001-ISO 27017 and ISO 27018

Our company is ISO 27001-2013 certified and also attested 27018 and 27017.
The question is if we move our apps into the cloud, will this revoke our certificate - we can not claim that we are ISO certified ?!
My personal opinion, No, we still are certified and will continue be certified as long as all our security controls are in place and we are taking all necessary measures and keeping monitoring the effectiveness of our control

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 20, 2020

 If these apps you mentioned are not negatively affecting your ISMS scope by going into the cloud, or if their impacts are considered in the ISMS in a way that the related risks are acceptable, e.g., by the application of proper controls, then your assumption is correct, and your ISO 27001 certification is not at risk.

These articles will provide you a further explanation about ISO 27001 scope:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 20, 2020

May 20, 2020

Suggested Topics

Guest user Created:   Jul 26, 2019 ISO 27001 & 22301
Replies: 1
0 0

Implementation support

Guest user Created:   Aug 11, 2018 ISO 27001 & 22301
Replies: 1
0 0

Toolkits and CSA CCM