ISO-27018:2019 certification

Futura Sistemi has always been deeply committed to information security, through continuous investments in qualifications aimed to attest its quality.

And just recently, we celebrated an important milestone within this path: the acquisition of the renowned ISO 27018:2019 certification!

ISO/IEC 27018:2019 is an information security code of practice for cloud service providers who process personally identifiable information for their customers. It is an extension of ISO 27001 and ISO 27002 and provides additional security controls. It details the privacy requirements and privacy security control enhancements that cloud service providers must implement.

It is complementary to ISO 27017, Security Controls for Cloud Services, and ISO 27701, Privacy Information Management, which are in turn linked to ISO 27001.

As an extension of ISO 27001, ISO 27018 provides guidance on 16 ISO 27002 controls, as well as providing 25 new privacy and security controls:

• The obligation to cooperate with those responsible for processing PII
• Maintaining the rights of PII holders
• Compliance with key privacy requirements, such as data minimization and accuracy
• The principles of transparency and responsibility
• Additional security checks
• Subcontract Processing Requirements

A result that confirms our constant dedication to guaranteeing the information security of the documents, processes and technologies we use.

A further decisive step towards a path of continuous improvement, aimed at ensuring our customers and partners increasingly safe and cutting-edge solutions.

Futura Sistemi Team