Certifications & Attestations

Archlight guides organizations to industry-recognized certifications and attestations that prove their ability to protect data, satisfy regulators, and win trust.

From gap analysis to audit support, we take you all the way to certification.

ISO 27001 Certification Readiness

ISO 27701 (Privacy Information Management)

ISO 42001 (AI Management System)

ISO 27017 (Cloud Security Controls)

ISO 27018 (PII Protection in Public Cloud)

SOC 2 Attestation Readiness

HITRUST Certification Readiness

NIST Certification Support

EMRAM Support (Cybersecurity Modules)

Cloud Security & Privacy: ISO 27017 & ISO 27018

Two complementary standards that extend your ISMS into the cloud.

ISO 27017 (Cloud Security Controls)

Extends ISO 27001 controls for cloud environments. Covers shared responsibility, VM hardening, admin access controls, cloud workload monitoring, network security in hybrid cloud, and secure asset removal at contract end.

ISO 27018 (PII Protection in Public Cloud)

Privacy controls for PII in public cloud. Covers consent and purpose limitation, data subject rights, transparency, restriction on PII use for marketing, sub-processor management, and secure return and deletion of PII.

Our Approach to ISO 27017 & 27018

A clear, eight-step path to cloud certification readiness.

01 Cloud Risk Assessment

02 Shared Responsibility Clarity

03 Gap Analysis & Roadmap

04 PII Protection Controls

05 Policy & Procedure Development

06 Certification Readiness

07 Continual Improvement

08 ISO 27001 / 27701 Integration

Ready to Secure Your Business?

Schedule a complimentary 30-minute consultation with our team and discover how we can protect what matters most.