ISO/IEC DIS 27017

Information security, cybersecurity and privacy protection — Information security controls based on ISO/IEC 27002 for cloud services ISO/IEC DIS 27017

General information

Current stage: 40.20 DIS ballot initiated: 12 weeks Feb 3, 2025

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Type: International Standard

ICS: 35.030 IT Security | 03.100.70 Management systems

Scope

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:
- additional implementation guidance for relevant controls specified in ISO/IEC 27002;
- additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC 27017:2015

NOW

IN_DEVELOPMENT
ISO/IEC DIS 27017
40.20 DIS ballot initiated: 12 weeks
Feb 3, 2025