Data Protection System for Identifying a Person in public clouds ISO/IEC 27018

We offer training, assistance in implementation and preparation for certification, as well as conducting audits.Practical rules for the protection of data identifying a person (PII) in public clouds ISO/IEC 27018

This system is intended for organizations:

• processing personal data in the clouds
• providing cloud services (cloud, data center)
• developing software for cloud and network solutions
• public and private entities, state administration units and non-profit organizations that provide other organizations with information processing services in the form of cloud computing, in accordance with the concluded service contract

The ISO/IEC 27018 standard entered into force in 2017 and is related to the requirements of the GDPR.

The ISO/IEC 27018 standard is designed to help organizations develop, implement, maintain and improve a Personal Identification Data Protection System (PII) in public clouds. It specifies a number of requirements and rules for cloud data processing, which are to prevent unauthorized leakage of personal data and limit redundant access. The standard also provides guidelines for the implementation of the above-mentioned measures, i.e. how to apply them, using international practice.

Steps to implement ISO/IEC 27018 with IKMJ

Step 1: ISO/IEC 27018 pre-audit and management system implementation valuation

Step 2: Development of personal data protection (PII) documentation in public clouds in accordance with ISO/IEC 27018

Step 3: Train Internal Auditors, Managers and Staff

Step 4: Implementation of the management system documentation according to ISO/IEC 27018

Step 5: Audits of the Management System (ISO/IEC 27018 and ISO 19011 standards)

Step 6: Corrective actions in accordance with ISO/IEC 27018

Step 7: Guarantee of obtaining certification

Step 8: ISO/IEC 27018 certified