Why ISO 27018 can benefit organizations seeking to comply with the GDPR.
Ever since it was announced that the General Data Protection Regulation (GDPR) would take effect on May 25, 2018, globally-minded organizations have been scrambling for solutions to meet its prescriptive (yet interpretive) requirements. The expectation that organizations should adopt strong security and privacy-related measures comes at a critical juncture, when data breaches and privacy concerns continue to abound each and every day. While cloud-based information system architectures have significantly improved organizational performance and efficiency, there are specific risks that organizations should consider when determining a strategy to help ensure that sensitive information is protected. One such solution is to incorporate the privacy control considerations defined by ISO/IEC 27018:2014 (henceforth ISO 27018) into an organization’s information security management system (ISMS).