Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services

Used with ISO/IEC 27001 series of standards, ISO/IEC 27017 provides enhanced controls for cloud service providers and cloud service customers. Unlike many other technology-related standards ISO/IEC 27017 clarifies both party’s roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

ISO 27017 Certification – Benefits

• Develop a long-term strategy
• Increase transparency
• Reduce reputation risks
• Win customer trust
• Protects against fines – ensures that local regulations are complied with reducing the risk of fines for data breaches
• Protects your brand reputation – reduces the risk of adverse publicity due to data breaches