Professional Documents
Culture Documents
BCM Adriatic 2015 Neven - Kranjcec
BCM Adriatic 2015 Neven - Kranjcec
Neven Kranjčec
Senior Consultant
Agenda
• Introduction
• Scope of 27018
• Methodology
• Context
• Requirements
• Structure
• Principles
• Sector-specific examples
• Conclusion
2
ISO/IEC 27018
published in
2014/08
• Title
• Code of practice for PII protection in public
clouds acting as PII processors
• PII=Personally Identifiable Information
• ISO/IEC JTC1 SC27 WG5
• Information technology, Security techniques,
Identity management and privacy technologies
3
SC 27
4
WG5
5
Scope
• Objective
• To create a common set of security
categories and controls that apply to a public
cloud computing service provider
• To meet the requirements for the protection of
PII
6
Methodology
7
Context
8
Ecosystem
9
Requirements
10
27002 structure
11
29100 principles
12
sector-specific examples
13
Conclusion