ISO/IEC CD 27017.2

Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services

General information

Current stage: 30.20 CD study/ballot initiated Apr 25, 2024

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Type: International Standard

ICS: 35.030 IT Security

Scope

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:
- additional implementation guidance for relevant controls specified in ISO/IEC 27002;
- additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC 27017:2015

NOW

IN_DEVELOPMENT
ISO/IEC CD 27017.2
30.20 CD study/ballot initiated
Apr 25, 2024