ISO 22301 Certification Overview

About ISO 22301

ISO/IEC 22301 Business Continuity Management helps organizations understand and prioritize the threats to business with the international standard for business continuity. ISO/IEC 22301 specifies the requirements for a management system to protect against, reduce the likelihood of, and ensure your business recovers from disruptive incidents.

Read More

ISO 27018 Certification Overview

About ISO 27018

ISO/IEC 27018 is a unique information technology code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors. The cloud offers organizations and consumers a variety of benefits: cost savings, flexibility and mobile access to information top the list. It also raises concerns about data protection and privacy; particularly around personally identifiable information (PII).

PII includes any piece of information that can identify a specific user. The more obvious examples include names and contact details or your mother’s maiden name. But elements that people may not readily think of are medical records, IP addresses and banking statements.

Used with ISO/IEC 27001, ISO/IEC 27018 has been published to allow Cloud Service Providers whose infrastructure is certified to the standard to tell their existing and potential customers that their data is safeguarded and won’t be used for any purposes for which they don’t specifically give consent.

Read More

ISO 27017 Certification Overview

About ISO 27017

ISO/IEC 27017 is a unique technology standard in that it provides requirements for the customer as well as the cloud service provider. IT Managers and other technical staff responsible for moving organizations to the cloud or expanding a cloud service engagement can reduce risks to their business by ensuring they understand their responsibilities and make more insightful decisions around their choice of providers.

Used with ISO/IEC 27001 series of standards, ISO/IEC 27017 provides enhanced controls for cloud service providers and cloud service customers. Unlike many other technology-related standards, ISO/IEC 27017 clarifies both party’s roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.

Read More