UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close

Select Your Free Newsletters

Industry Newsletters

Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Standards Library
  • All
  • News & Analysis
  • Products & Services
  • Standards Library
  • Reference Library
  • Community

I forgot my password.

Don't have an account?

Register here.

ISO/IEC 27017

Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services

active, Most Current
Buy Now
Organization: ISO
Publication Date: 15 December 2015
Status: active
Page Count: 44
ICS Code (Information coding): 35.040
scope:

This Recommendation | International Standard gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

- additional implementation guidance for relevant controls specified in ISO/IEC 27002;

- additional controls with implementation guidance that specifically relate to cloud services.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Document History

ISO/IEC 27017
December 15, 2015
Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
This Recommendation | International Standard gives guidelines for information security controls applicable to the provision and use of cloud services by providing: – additional implementation...

References

This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO 19440 - Enterprise modelling and architecture — Constructs for enterprise modelling
Published by ISO on May 1, 2020
This document identifies and specifies constructs necessary for users that model enterprises in conformance with ISO 19439. This document focuses on, but is not restricted to, engineering and the...
This document references:
ISO 31000 - Risk management - Guidelines
Published by ISO on February 1, 2018
This document provides guidelines on managing risk faced by organizations. The application of these guidelines can be customized to any organization and its context. This document provides a common...
This document references:
ISO/IEC 17203 - Information technology - Open Virtualization Format (OVF) specification
Published by ISO on September 1, 2017
The Open Virtualization Format (OVF) Specification describes an open, secure, efficient and extensible format for the packaging and distribution of software to be run in virtual systems. The OVF...
This document references:
ISO/IEC 17788 - Information technology - Cloud computing - Overview and vocabulary
Published by ISO on October 15, 2014
This Recommendation | International Standard provides an overview of cloud computing along with a set of terms and definitions. It is a terminology foundation for cloud computing standards. This...
This document references:
ISO/IEC 17789 - Information technology - Cloud computing - Reference architecture
Published by ISO on October 15, 2014
This Recommendation | International Standard specifies the cloud computing reference architecture (CCRA). The reference architecture includes the cloud computing roles, cloud computing activities,...
This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document is referenced by:
BS ISO/IEC 27009 - Information security, cybersecurity and privacy protection - Sector-specific application of ISO/IEC 27001 - Requirements
Published by BSI on April 30, 2020
A description is not available for this item.
This document is referenced by:
ITU-T X.1642 - Guidelines for the operational security of cloud computing
Published by ITU-T on March 1, 2016
This Recommendation clarifies the security responsibilities between cloud service providers (CSPs) and cloud service customers (CSCs), and analyses the requirements and categories of security metrics...
This document is referenced by:
BS ISO/IEC 19086-1 - Information technology - Cloud computing - Service level agreement (SLA) framework Part 1: Overview and concepts
Published by BSI on September 30, 2016
A description is not available for this item.
This document is referenced by:
BS ISO/IEC 27036-4 - Information technology — Security techniques — Information security for supplier relationships Part 4: Guidelines for security of cloud services
Published by BSI on October 31, 2016
A description is not available for this item.
View Less
View All
Advertisement