The Cloud Standards ISO/IEC 27018 (data protection) and ISO/IEC TR 20000-9 (service quality) give a strong signal to your customers.
According to international studies, more than 40 per cent of the cloud providers will strive for certification of their services in the cloud in the following one to two years. Renowned organizations operating on a global scale have already announced to have their cloud services certified in order to strengthen the confidence of potential customers in the services provided. The most important requirements placed on cloud services refer to data protection and availability. ISO/IEC 27018 focuses on “protection of personally identifiable information in the cloud”. ISO/IEC TR 20000-9, for its part, addresses the quality and availability of cloud services.
While ISO/IEC 27018 focuses on the “protection of personally identifiable information in public clouds” for service providers and processors by providing specific requirements for implementing data protection measures, ISO/IEC TR 20000-9, for its part, addresses the quality and availability of cloud services.
Cloud certification acc. to these Standards will be possible if a base certification acc. to ISO/IEC 27001 (Information Security) or ISO/IEC 20000-1 (IT Service Management) has already taken place in terms of the same scope within the organization.