FAQ'S

This code of practice applies to CSPs that process PII under contract for other organizations.

In the context of ISO/IEC 27018:

  • "Controllers" control the collection, holding, processing, or use of personal information; they include those who control it on another company's behalf.
  • "Processors" process information on behalf of controllers; they do not make decisions as to how to use the information or the purposes of the processing. In providing its enterprise cloud services, Microsoft-as a vendor to you-is an information processor.

If an organization consumes or provides cloud services, it should implement ISO 27017 standard at the earliest. If an organization deals with the Personally Identifiable Information (PII) of the customers, ISO 27018 implementation is must.

It demonstrates the organization's ongoing commitment to align with globally-recognized best practices and that the controls specific to cloud services are at place.

FEATURES





It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

Read more

PROCESS





It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

Read more

BENIFITS




Inspires trust on the business as customers have greater reassurance to customers and stakeholders

Read more

FAQ



To whom does ISO/IEC 27018 apply?
This code of practice applies to CSPs that process PII under contract for other organizations.

Read more

RELATED LINKS




https://www.infoworld.com/article/3000021/cloud-computing/iso-27018-compliance-heres-what-you-need-to-know.html

Read more

What Our Customers Say?

Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.