It is a code of practice that focuses on personal identifiable information (pii) in the cloud. With reference to implementation guidelines, iso/iec 27002 controls are applicable to public cloud personal identifiable information (pii). What are the benefits of iso 27018 certification?comply with a number of legal & regulatory acts on pii in various regions (gdpr, hipaa, popi, etc.)comply with applicable obligations for protecting pii processingtransparency to your customers on their piienter into a contractual agreement for better decision making & understandingdemonstrate effective implementation of pii protectiondata management on cloud (data minimization, data transfer, back up, capacity management, etc.) what are the requirements of iso 27018:2019?legal, statutory, regulatory and contractual requirementsidentifying risks associated with processing pii in the organization & its interested parties (stakeholders, service providers, patrons, etc.)corporate policy most of the policies are covered under legal & socio-cultural obligations, an organization may create other internal policies beyond the criteria derived from standard requirementsconsents, transparency, communication security, physical & environmental security & operational securitydefined vendor management, incident management & business continuity managementdefining of soa who can get iso 27018 certification?all types of organization providing information processing services as pii processors & controllers through cloud computing under a contractual agreement to other organizations. basically, all cloud service provider can have the above standard (aws, google cloud, azure, etc.)