• Search
  • DS/ISO/IEC 27018:2014

DS/ISO/IEC 27018:2014 ( Withdrawn )

Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors


Status:
Withdrawn
Type:
Standard
Language:
English
Subject:
Replaced by:
Price from:
€ 86.01

Scope

ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, ISO/IEC 27018:2014 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.
ISO/IEC 27018:2014 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations.
The guidelines in ISO/IEC 27018:2014 might also be relevant to organizations acting as PII controllers; however, PII controllers can be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. ISO/IEC 27018:2014 is not intended to cover such additional obligations.

Number of pages: 36

Published: 2014-09-12

Date of approval: 2014-09-02

Date of withdrawal: 2019-01-24

International relationships : ISO/IEC 27018:2014 IDT

ICS: 35.040 - Character sets and information coding

Item number: M283804


Committees

Committee

  • ISO/IEC/JTC 1/SC 27
  • ISO/IEC/JTC 1/SC 27/WG 5

Danish committee

DS/S-441