ISO 27018
ISO adopted the first international cloud privacy code of conduct, ISO/IEC 27018 (an annex to ISO/IEC 27001), in 2014. The standard is based on EU data protection law and provides specific guidance for cloud service providers (CSPs) acting as personal information (PII) processors on how to assess risks and implement advanced controls to protect PII.