New framework: ISO/IEC 27018:2025 is now available in Scrut

What's new?

Scrut now supports the ISO/IEC 27018:2025 framework, helping you demonstrate strong privacy controls for Personally Identifiable Information (PII) in public cloud environments.

Why was this needed?

Customers increasingly expect proof of privacy, not just security. ISO 27018:2025 provides a globally recognized framework to demonstrate that you handle personal data with the highest level of integrity and transparency. It focuses on:

• Data Sovereignty: Focuses on where data is stored and how it is processed.

• Transparency: Ensures customers are informed about how their PII is used and who has access to it.

• Accountability: Provides clear guidelines for notifying of data breaches and for handling government requests for data.

How it works

• Access ISO/IEC 27018:2025 from the Frameworks module.

• Review detailed technical and procedural control requirements.

• Use built-in policy and evidence suggestions to speed up implementation.

• Leverage the automated Statement of Applicability (SOA):

  • In-scope controls are auto-suggested.

  • Out-of-scope controls come with pre-filled justifications.

• Generate readiness and compliance reports for stakeholders and audits.

Need help?

Your Customer Success Manager (CSM) is always ready to help if you need assistance. Explore all recent product updates → View now.