What is the ISO/IEC 27018:2019 standard?

ISO/IEC 27018:2019 is a code of practice that helps provide protection for personally identifiable information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

The standard specifies how public cloud service providers (CSPs) should protect PII in the cloud, particularly when it comes to the international transfer of PII. The standard also defines technical measures that cloud service providers can use to protect PII in the cloud.

Download the ISO/IEC 27018:2019 certificate.


How does ISO/IEC 27018:2019 relate to other standards?

ISO/IEC 27001:2013 provides the foundation for information security management best practices and guidance on the implementation of security techniques.

ISO/IEC 27002:2013 provides guidance on the implementation of security techniques.

ISO/IEC 27017:2015 provides guidance on information security controls for the provision and use of cloud services.

ISO/IEC 29100:2011 sets out the basic concepts and principles relating to privacy and data protection for the design and implementation of privacy controls.

Download additional compliance reports from the Exoscale compliance center.


Contact our Compliance Team

A doubt? Unsure if we comply to a specific regulation not listed here?

Contact our Compliance Team and let us know your requirements. It may be covered by other certifications or regulations we comply to.