Information Security Standards Mapping Tool
The extension of ISO 27001 to include cloud services and privacy ensures the standard remains fit and contemporary. ISO 27017 Cloud Services Information Security, ISO 27018 Cloud Privacy and ISO 27701 Privacy Information Management extend ISO 27001 in four ways:
Extensions or additions to the management system clauses,
Extensions or additions to the Annex A clauses.
And in doing so introduce their own annexes with security controls.
The mapping document below shows the relationship between the original ISO 27001 controls and the extensions or additions introduced by the other standards. It places all the controls aligned to and in ISO 27001/ ISO 27002 original order. It will assist in interpreting the standards and aid organisations in determining applicable controls.