ISO/IEC CD 27017.2

Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services ISO/IEC CD 27017.2

General information

30.20 CD study/ballot initiated   Apr 25, 2024


ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security


ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:
- additional implementation guidance for relevant controls specified in ISO/IEC 27002;
- additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Life cycle


ISO/IEC 27017:2015


ISO/IEC CD 27017.2
30.20 CD study/ballot initiated
Apr 25, 2024