The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.
ISO/IEC 27018 relates to one of the most critical components of cloud privacy: the protection of personally identifiable information (PII). This standard focuses in two ways on security controls for public-cloud service providers that process PII:
- Builds upon existing ISO/IEC 27002 controls by adding specific items for cloud privacy
- Provides entirely new security controls for personal data