ISO 27000 series

The ISO 27000 series, consisting of ISO 27001, ISO 27017, ISO 27018, and ISO 27701, provides a robust framework for implementing and managing information security systems, cloud security, data privacy in the cloud, and privacy information management systems. Developed by the International Organization for Standardization (ISO), these standards are universally accepted and applicable across all geographies and types of organizations.
  • icon

    ISO 27001

    ISO 27001 focuses on establishing, implementing, maintaining, and improving an Information Security Management System (ISMS). It provides a structured framework for information risk management, ensuring the confidentiality, integrity, and availability of information by applying a risk management process and providing assurance to interested parties that risks are adequately managed.

  • icon

    ISO 27017

    ISO 27017 enhances the existing controls within ISO 27001 with additional security controls specifically designed for cloud services. It offers guidance for both cloud service providers and cloud service customers, focusing on the key aspects of information security in a cloud computing environment such as shared roles and responsibilities, data deletion, network security, and virtual machine hardening.

  • icon

    ISO 27018

    ISO 27018 is designed to protect Personally Identifiable Information (PII) in the cloud. It establishes specific guidelines and principles for implementing, maintaining, and applying measures to protect PII in line with the privacy principles in ISO 29100 for the public cloud computing environment.

  • icon

    ISO 27701

    ISO 27701 provides guidance on establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS). It outlines a framework for PII Controllers and PII Processors to manage data privacy, including processing PII, consent, data purpose legitimacy, data minimization, accuracy, storage limitation, and data security.

ISO 27xxx Compliant Offerings

Palo Alto Networks ISO 27001, ISO 27017, ISO 27018, ISO 27701 Certified Cloud Offerings: