Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Abstract
ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:
- additional implementation guidance for relevant controls specified in ISO/IEC 27002;
- additional controls with implementation guidance that specifically relate to cloud services.
This document provides controls and implementation guidance for both cloud service providers and cloud service customers.
Begin
2024-04-29
WI
JT013077
Planned document number
DIN EN ISO/IEC 27017
Project number
04301132
Responsible national committee
NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity
Responsible european committee
CEN/CLC/JTC 13 - Cybersecurity and Data Protection
Responsible international committee
ISO/IEC JTC 1/SC 27/WG 1 - Information security management systems