IBM Cloud Continues Expansion of ISO27K Certifications, Adding ISO 27701 PIMS Controls for PaaS

1 min read

Strengthening IBM’s existing Information Security Management System (ISMS) controls, Privacy Information Management System (PIMS) adds guidance for managing Personal Identifiable Information (PII).

Many data protection laws — such as the EU’s GDPR, Brazil’s LGPD and the United States’ CCPA — place a renewed emphasis on keeping PII secure. ISO 27701 adds comprehensive privacy controls to the ISO27K family. These controls make it easier for organizations to adhere to applicable regulations and laws.

ISO27K certification illustrates IBM Cloud's continuing commitment to privacy, security and compliance. View the current ISO27K certificates:

IBM Cloud PaaS offerings that recently achieved ISO27K certification include the following:

Learn more

  • ISO/IEC 27001:2013: Information technology — Security techniques — Information security management systems — Requirements 
  • ISO/IEC 27017:2015: Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services 
  • ISO/IEC 27018:2019: Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors 
  • ISO/IEC 27701:2019: Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines 

Be the first to hear about news, product updates, and innovation from IBM Cloud