ISO 27018 is a framework designed to protect personally identifiable information (PII) when operating in a public cloud environment. The controls are in alignment with ISO/IEC 27018 guidance. ISO 27018 supports mandatory regulations for the protection of PII in line with the privacy principles established in ISO 29100 for the public cloud environment.

How It Works

ISO 27018 protects the privacy of personally identifiable data for companies that process PII under contract to other organizations via cloud computing.

The Risk Cloud Controls Repository allows you to download the ISO 27018 control framework and easily apply it to your risk program right in the platform.

Why You Need It

• Guide your implementation of security controls for data privacy regulation
• Protect your customer and prospects’ PII
• Foster confidence with your stakeholders and customers that their PII is being handled with care