ISO/IEC 27018
E100887
ISO/IEC 27018 is an international standard that provides guidelines and controls for protecting personally identifiable information (PII) in public cloud computing environments.
All labels observed (2)
| Label | Occurrences |
|---|---|
| ISO/IEC 27018 canonical | 5 |
| ISO 27018 | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T868206 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: ISO/IEC 27018 Context triple: [ISO 27001, relatedStandard, ISO/IEC 27018]
-
A.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
B.
GDPR
The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
-
C.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
D.
ISO 2108
ISO 2108 is the international standard that defines the structure and use of the International Standard Book Number (ISBN) system for identifying books and related publications.
-
E.
ISO/IEC 8652
ISO/IEC 8652 is the international standard that formally defines the Ada programming language, including its syntax, semantics, and core features.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: ISO/IEC 27018 Target entity description: ISO/IEC 27018 is an international standard that provides guidelines and controls for protecting personally identifiable information (PII) in public cloud computing environments.
-
A.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
B.
GDPR
The GDPR (General Data Protection Regulation) is a comprehensive European Union data protection law that governs how organizations collect, process, and store personal data of individuals in the EU.
-
C.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
D.
ISO 2108
ISO 2108 is the international standard that defines the structure and use of the International Standard Book Number (ISBN) system for identifying books and related publications.
-
E.
ISO/IEC 8652
ISO/IEC 8652 is the international standard that formally defines the Ada programming language, including its syntax, semantics, and core features.
- F. None of above. chosen
Statements (46)
| Predicate | Object |
|---|---|
| instanceOf |
IEC standard
ⓘ
ISO standard ⓘ information security standard ⓘ privacy standard ⓘ |
| addresses |
cross-border transfer of PII in cloud computing
ⓘ
data breach notification in cloud services ⓘ data deletion and return in cloud services ⓘ data subject rights in cloud environments ⓘ information security incident management for PII ⓘ obligations of public cloud PII processors ⓘ subcontractor and subprocessor management ⓘ transparency of cloud processing operations ⓘ use of PII for marketing and advertising by cloud providers ⓘ |
| appliesTo |
cloud service providers acting as PII processors
ⓘ
public cloud computing services ⓘ |
| basedOn | ISO/IEC 27002 ⓘ |
| canBeCertifiedAgainst | yes ⓘ |
| compatibleWith |
ISO 27001
ⓘ
surface form:
ISO/IEC 27001
|
| defines | controls for protection of PII in public cloud computing ⓘ |
| domain | cloud computing ⓘ |
| extends | ISO/IEC 27002 controls with PII-specific guidance ⓘ |
| focusesOn | protection of personally identifiable information in public clouds ⓘ |
| hasAbbreviation |
ISO/IEC 27018
self-linksurface differs
ⓘ
surface form:
ISO 27018
|
| intendedFor |
cloud service providers
ⓘ
organizations using public cloud services ⓘ |
| language | English (official version) ⓘ |
| partOfSeries | ISO/IEC 27000 family ⓘ |
| protects | personally identifiable information in cloud environments ⓘ |
| provides | guidelines for implementing PII protection controls ⓘ |
| publishedBy |
International Electrotechnical Commission
ⓘ
International Organization for Standardization ⓘ |
| requires |
agreements governing PII processing between cloud provider and customer
ⓘ
clear information to customers about where PII is processed ⓘ controls to restrict processing of PII to customer instructions ⓘ logging and monitoring of PII processing activities ⓘ measures to ensure data subject access, correction and deletion ⓘ notification to customers in case of PII breaches ⓘ procedures for secure deletion of PII ⓘ security controls for PII during transmission and storage ⓘ |
| subjectArea |
data protection
ⓘ
information security ⓘ privacy ⓘ |
| supports | compliance with applicable privacy legislation ⓘ |
| typeOfControlSet | code of practice ⓘ |
| usedFor |
demonstrating cloud provider privacy commitments
ⓘ
third-party assessment of cloud privacy controls ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: ISO/IEC 27018 Description of subject: ISO/IEC 27018 is an international standard that provides guidelines and controls for protecting personally identifiable information (PII) in public cloud computing environments.
Referenced by (6)
Full triples — surface form annotated when it differs from this entity's canonical label.