• There are no items in your cart

I.S. EN ISO/IEC 27018:2020

Current
Current

The latest, up-to-date edition.

Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (ISO/IEC 27018:2019)
Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

06-14-2020

Preview

For Harmonized Standards, check the EU site to confirm that the Standard is cited in the Official Journal.

Only cited Standards give presumption of conformance to New Approach Directives/Regulations.

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Overview
5 Information security policies
6 Organization of information security
7 Human resource security
8 Asset management
9 Access control
10 Cryptography
11 Physical and environmental security
12 Operations security
13 Communications security
14 System acquisition, development and maintenance
15 Supplier relationships
16 Information security incident management
17 Information security aspects of business continuity management
18 Compliance
Annex A (normative) Public cloud PII processor extended control set for PII protection
Bibliography

This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

Committee
ISO/IEC JTC 1
DocumentType
Standard
Pages
44
ProductNote
The date of any NSAI previous adoption may not match the date of its original CEN/CENELEC document. THIS STANDARD ALSO REFERS TO NIST SP 800-53, NIST SP 800-122, NIST SP 800-144
PublisherName
National Standards Authority of Ireland
Status
Current

Standards Relationship
ISO/IEC 27018:2019 Identical
EN ISO/IEC 27018:2020 Identical

View more information
US$46.04
Excluding Tax where applicable

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.