The Privacy Information Management System (PIMS) strengthens IBM’s existing Information Security Management System (ISMS) controls by adding guidance for managing Personally Identifiable Information (PII).
Many data protection laws — such as the EU’s GDPR, Brazil’s LGPD and the United States’ CCPA — place a renewed emphasis on keeping PII secure. ISO 27701 adds comprehensive privacy controls to the ISO27K family. These controls make it easier for organizations to adhere to applicable regulations and laws.
ISO27K certification illustrates IBM Cloud’s continuing commitment to privacy, security and compliance. View the current ISO27K certificates:
- ISO 27001 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
- ISO 27017 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
- ISO 27018 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
- ISO 27701 – IBM Enterprise & Technology Security (PaaS and SaaS) certificate
IBM Cloud PaaS offerings that recently achieved ISO27K certification include the following:
- IBM Cloud Direct Link Connect
- IBM Cloud Direct Link Dedicated
- IBM Cloud DNS Services
- IBM Cloud Flow Logs
- IBM Cloud Kubernetes Service – Red Hat OpenShift on IBM Cloud on VPC
- IBM Cloud Satellite
- IBM Cloud Mass Data Migration
- IBM Cloud Service Endpoint
- IBM Cloud Transit Gateway
- IBM Cloud Virtual Private Endpoint
- IBM Cloudant on Transaction Engine
Learn more
- ISO/IEC 27001:2013: Information technology — Security techniques — Information security management systems — Requirements
- ISO/IEC 27017:2015: Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services
- ISO/IEC 27018:2019: Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
- ISO/IEC 27701:2019: Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines