Expert Advice Community

Guest

ISO 27017 and ISO 27018 certification

  Quote
Guest
Guest user Created:   Feb 02, 2018 Last commented:   Feb 02, 2018

ISO 27017 and ISO 27018 certification

In, 2018, can a organization be ISO27017 and ISO 27018 certified without being ISO27001 certified?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 02, 2018

Answer: Although there are some certification bodies issuing certificates for ISO 27017 and ISO 27018, these are unofficial (to ISO these standards are not certifiable), and cannot be issued without a formal ISO 27001 certification.

ISO27017 and ISO 27018 are support standards to ISO 27001, providing specific guidance and orientation on security controls form ISO 27001 Annex A that are applicable to cloud environments and Personally Identifiable Information.

These articles will provide you further explanation about ISO 27001, ISO 27017 and ISO 27018:
- WHAT IS ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. I SO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 02, 2018

Feb 02, 2018

Suggested Topics