Apr 1, 2024 4 min read

Mercans achieves ISO 27017 and ISO 27018 certifications

We are pleased to announce that we have been granted certifications for ISO 27017 and ISO 27018,  globally-respected information security standards developed by the International Organization for Standardization (ISO). Mercans was previously awarded the ISO 27000 and ISO 27001 certification in 2023.  These two additional certifications highlight the company’s ongoing commitment to providing its customers with the gold standard in data security and privacy.

What are the ISO 27017 and ISO 27018 standards?

ISO 27017 and ISO 27018 are international standards for protecting personal data in the cloud. Both standards are part of the ISO 27000 series of standards that relate to information security management. They are designed to help ensure the confidentiality, integrity, and availability of personal data stored in the cloud and to protect against unauthorized access or tampering with that data. The main difference between the two standards is their focus. ISO 27017 provides general guidance on the protection of personally identifiable information (PII) in the cloud, while ISO 27018 provides specific guidance on the protection of PII in the context of public cloud services. 

Mercans achieves ISO 27017 and ISO 27018 certifications

ISO/IEC 27017:2015 provides guidelines for protecting PII in public clouds and covers cloud-specific information security threats, security controls, risk assessments, and incident management.

ISO/IEC 27018:2019 provides guidance on implementing measures to protect PII in the cloud, specifically regarding public cloud services. It covers topics such as data protection, data processing, and data handling.


The ISO 27017 and 27018 certifications for personal data protection ensure that we have implemented a robust set of controls to protect against unauthorized access or tampering with customer data. We demonstrate Mercans commitment to ensuring your data is secure and that we adhere to the strictest data privacy rules.

Tulika Das

Tulika Das

Head of Quality Council

How Mercans ensures data security and privacy

A rigorous audit that involved a review of Mercans policies, procedures, and practices as well as the assessment of physical and technical controls in place was done to ensure our information security management system (ISMS) meets the requirements of both standards. These certifications reflect Mercans ability to uphold the highest cybersecurity standards and its ongoing commitment to providing the best protection. Here are some specific ways Mercans ISO 27017 and ISO 27018 certifications ensure the security and privacy of personal data in our payroll platform:

Mercans ISO compliance in the broader landscape of data security and privacy

Protecting our customers’ information and their users’ privacy is of primary importance to us. As Mercans offers a cloud-based payroll processing platform, we recognize that customers are increasingly seeking assurance that we meet cloud security and data privacy requirements. With the addition of ISO 27017 and ISO 27018 certifications, we provide additional protection for personal data in the cloud and ensure we have the appropriate processes in place to maintain the security of sensitive data, prevent unauthorized access and reduce the security risk for our customers.

Most viewed posts

View all posts

Avasant Selects Mercans as a Leader in Payroll Business Process Tra...

The meticulous research methodology employed by Avasant included analyzing publicly available information like SEC filings, annual reports, and executive interviews, along with engaging in discussions and market interactions.

Dec 22, 2023 4 min read

Global BPO Leader Infosys Selects Mercans’ Payroll Tech to Power i...

This partnership brings together Mercans' disruptive payroll tech and Infosys' consulting and BPO capabilities to create the most tech advanced and operationally resilient global payroll offering.

Sep 26, 2023 3 min read

Mercans: A Leader in Global Managed Payroll – ISG Provider Lens™ 2023

Payroll solutions and services study meticulously assessed 36 vendors across three distinct quadrants, and Mercans proudly emerged as a frontrunner.

Nov 9, 2023 2 min read