Nowadays, we are seeing more and more companies adopting cloud-based technologies, either as consumers or providers of cloud services. However, there are still information security risks that need to be addressed when working in the cloud.
As well as a need for secure solutions, there is also a business need for trust and assurance of data protection and business resilience. Both as consumers and providers, it is important to provide these assurances and an ISO 27001 certification can help achieve that goal.
In this article, we will
- Help companies navigate their way through the implementation of an ISO 27001 compliant ISMS.
- Clarify roles and responsibilities: although the risks may be transferred to the cloud provider in certain cases, an organisation remains accountable for data protection and privacy.
- Identify which of the Annex A controls need to be adapted for cloud-based companies and compare the difficulty to an on-premises model.
And when you’re ready, contact us to help you along the way!