Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services

  • Home
  • Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services

Error message

User warning: The following module is missing from the file system: cascading_grants_services. For information about how to fix this, see the documentation page. in _drupal_trigger_error_with_delayed_logging() (line 1184 of /var/www/html/web/includes/bootstrap.inc).

ISO/IEC 27017:2015

Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services

SCOPE

ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • additional implementation guidance for relevant controls specified in ISO/IEC 27002;
  • additional controls with implementation guidance that specifically relate to cloud services.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.
 
The standard can be bought here: https://www.iso.org/standard/43757.html
The informative sections of this standard are publicly available here: https://www.iso.org/obp/ui/#iso:std:iso-iec:27017:ed-1:v1:en

LATEST PUBLICATION DATE
December 2015
LINK TO THE LATEST PUBLISHED VERSION
https://www.iso.org/standard/43757.html
COMMITTEE / WG
ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection
WIKI WATCH

Insert here: activities, gaps, opportunities, and other user driven comments

Back to the search results