Expert Advice Community

Guest

ISO 27017 and ISO 27018 certification

  Quote
Guest
Guest user Created:   Jun 28, 2019 Last commented:   Jun 28, 2019

ISO 27017 and ISO 27018 certification

1. Do you know if we certify in ISO 27017 and ISO 27018 how long the certification is for?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 28, 2019

Answer: First it is important to note that ISO 27017 and ISO 27018 are not certifiable standards (some certification bodies "certify" against ISO 27017 and ISO 27018, but only during an ISO 27001 certification process, because ISO 27001 is the only certifiable standard in the ISO 27000 series).

Considering that, the ISO 27001 certification is valid for three years.

These articles can provide further information:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/

2 . Are there surveillance audits every year as with ISO 27001?

Answer: If your certification body includes in the certification an statement that you are also compliant with ISO 27017 and ISO 27018, the surveillance audits will be the same as for a normal ISO 27001 certification, normally one each year.

This article will provide you further explanation about surveillance audit:
- Surveillance visits vs. certification audits https://advisera.com/27001academy/knowledgebase/surveillance-visits-vs-certification-audits/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 28, 2019

Jun 28, 2019

Suggested Topics