Home Resources Blog August 2021

Information Security Standards Mapping Tool

12 August 2021
Our new Information Security Standards Mapping Tool has been designed to make it easier for your organization to compare the differences between the standards commonly used to manage information and data privacy and security.

The extension of ISO 27001 to include cloud services and privacy ensures the standard remains fit and contemporary. ISO 27017 Cloud Services Information Security, ISO 27018 Cloud Privacy and ISO 27701 Privacy Information Management extend ISO 27001 in four ways:

  • Extensions or additions to the management system clauses,

  • Extensions or additions to the Annex A clauses. 

And in doing so introduce their own annexes with security controls.

The mapping document below shows the relationship between the original ISO 27001 controls and the extensions or additions introduced by the other standards. It places all the controls aligned to and in ISO 27001/ ISO 27002 original order.  It will assist in interpreting the standards and aid organisations in determining applicable controls.