15/30259619 DC : 0
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
BS ISO/IEC 27017 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR CLOUD SERVICES
Hardcopy , PDF
31-12-2015
English
Important note : Users cannot be edited or removed once added to your Multi user PDF.
0 Introduction
1 Scope
2 Normative references
3 Definitions and abbreviations
4 Cloud sector-specific concepts
5 Information security policies
6 Organization of information security
7 Human resource security
8 Asset management
9 Access control
10 Cryptography
11 Physical and environmental security
12 Operations security
13 Communications security
14 System acquisition, development and maintenance
15 Supplier relationships
16 Information security incident management
17 Information security aspects of business
continuity management
18 Compliance
Annex A (normative) - Cloud Service Extended Control Set
Annex B (informative) - References on information security risk
related to cloud computing
Bibliography
BS ISO/IEC 27017.
| Committee |
IST/33
|
| DocumentType |
Draft
|
| Pages |
61
|
| PublisherName |
British Standards Institution
|
| Status |
Superseded
|
| SupersededBy |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| ISO/IEC 27018:2014 | Information technology Security techniques Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| ISO/IEC 27036-3:2013 | Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO/IEC 17203:2017 | Information technology — Open Virtualization Format (OVF) specification |
| ISO/IEC 27036-1:2014 | Information technology Security techniques Information security for supplier relationships Part 1: Overview and concepts |
| ISO/IEC 27036-2:2014 | Information technology Security techniques Information security for supplier relationships Part 2: Requirements |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
| ISO/IEC 17789:2014 | Information technology — Cloud computing — Reference architecture |
| ISO/IEC 17788:2014 | Information technology — Cloud computing — Overview and vocabulary |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.