Privacy controls
Answer: ISO 27001 has the control A.18.1.4 (Privacy and protection of personally identifiable information) in its Annex A that is directly linked to privacy and protection of personally identifiable information. Regarding this issue, I can suggest the following materials:
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
- Data Privacy Protection, ISO 27001 and CISPE Code of Conduct https://advisera.com/27001academy/blog/2016/10/31/data-privacy-protection-iso-27001-and-cispe-code-of-conduct/
- Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/
I also suggest you take a look at the free demo of our ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit at this link: https://advisera.com/27001academy/iso-27001-iso-27017-iso-27018-cloud-documentation-toolkit/
This toolkit can provide you with templates and expert support to implement an ISMS with more detailed controls regarding privacy issues.
Sep 18, 2017