With GlobalSuite® allows an effective implementation of the ISO 27018 standard by being fully adapted to the requirements demanded by the standard, not only for companies that are certified in ISO 27001,but those that decide to address the implementation of both standards.
Guidance of services and processes through asset inventory. Configuration of dimensions and valuation levels.
Catalogue of configurable controls and summary of them, management settings, risk reassessment, parameterizable questionnaires.
Parameterization of probability and impact, risk assessment, cost analysis, asset threats and configurable.
Definition of acceptable risk, acceptable risk levels, risk listing, risk map, simultaneous or dependent risks.
It allows to manage the proposal of indicators, Differential Analysis, Declaration of Applicability, capacity management, management of changes and acquisitions, etc.
It allows you to track a history of each plan and assign metrics for tracking.
Make the most of GlobalSuite data® by performing an executive dashboard in a Business Intelligence tool such as Power BI.
It allows the control of all the documentation, in different formats, so that it serves as support in the management of the continuity of the company
The comprehensive dashboard enables the management and strategic control of the organization through different metrics and indicators.
Do you know how you need to extend the requirements of ISO 27001 and ISO 27002 to take cloud privacy protection into account?
ISO/IEC 27018provides a good practice basis for the protection of personally identifiable information (PII) in the cloud for organizations that act as processors of this information, but ISO / IEC 27018 aims, in broad terms, to identify precisely how the provider manages the personal data of the interested parties, establishes the necessary procedures for any request or access to them thus offering customers complete transparency in this regard.
Based on the safety checks set out in Annex A to ISO 27001 or the ISO 27002 Code of Good Practice, the standard adds safety requirements for Personally Identifiable Information (PII) about specific controlsIn this sense, out of the 114 controls proposed by Information Security standard, ISO 27018 establishes additional requirements on 15 controls, distributed among following clauses:
The standard defines 8 specific information privacy principles or controls, applicable to the cloud data manager and how to implement them, which is a set of requirements for PII protection. The principles in which it is based on are the following:
