European Union (EU) regulation to protect personal data and privacy of its citizens.
United States (US) regulation to secure Protected Health Information (PHI).
Global benchmark to demonstrate an effective Information Security Management System (ISMS). For businesses selling to customers outside of the US.
ISO 27701 is an extension of ISO 27001 that specifies the requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS).
ISO 27017 provides guidelines for information security controls applicable to the provision and use of cloud services.
ISO 27018 establishes controls to protect Personally Identifiable Information (PII) in public cloud computing environments.
Microsoft SSPA is a mandatory compliance program for Microsoft suppliers working with Personal Data and/or Microsoft Confidential Data.