What is ISO 27017:2015 – Security controls for cloud
services Certification?ISO/IEC 27017:2015 gives guidelines for
information security controls applicable to the provision and use of cloud
services by providing:
implementation guidance for relevant controls specified in ISO/IEC 27002;
controls with implementation guidance that specifically relate to cloud
Used with ISO 27001 series of standards, ISO
27017 provides enhanced controls for cloud service providers and cloud service
customers. Unlike many other technology-related standards ISO 27017 clarifies
both party's roles and responsibilities to help make cloud services as safe and
secure as the rest of the data included in a certified information management
What are the benefits of ISO 27017:2015?
Develop a long-term strategy
Reduce reputation risks
Win customer trust
Protects against fines - ensures that local
regulations are complied with reducing the risk of fines for data breaches.
Protects your brand reputation - reduces the risk
of adverse publicity due to data breaches.
Who can acquire ISO 27017:2015 certification?
ISO 27017 certification can be applied to organisations
of any size and type involved in providing cloud server services.