Customer Support: +353 (0)1 857 6730

Corporate Website About Us
  • Shopping Cart
    There are no items in your cart
Please enter a keyword to search
Advanced search
Home
ISO
ISO/IEC 27017:2015

ISO/IEC 27017:2015

Current

Current

The latest, up-to-date edition.

Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services

Available format(s)

Hardcopy , PDF

Language(s)

French, English

Published date

30-11-2015

Publisher

International Organization for Standardization

€149.00
Excluding VAT

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

- additional implementation guidance for relevant controls specified in ISO/IEC 27002;

- additional controls with implementation guidance that specifically relate to cloud services.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Committee
ISO/IEC JTC 1/SC 27
DocumentType
Standard
Pages
41
ProductNote
THIS STANDARD IS ALSO REFERES TO SP 800‑145
PublisherName
International Organization for Standardization
Status
Current

18/30346433 DC : 0 BS ISO/IEC 19086-4 - INFORMATION TECHNOLOGY - CLOUD COMPUTING SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 4: SECURITY AND PRIVACY
BS ISO/IEC 19086-1:2016 Information technology. Cloud computing. Service level agreement (SLA) framework Overview and concepts
ISO/IEC 27009:2016 Information technology — Security techniques — Sector-specific application of ISO/IEC 27001 — Requirements
BS EN ISO/IEC 27000:2017 Information technology. Security techniques. Information security management systems. Overview and vocabulary
CEN/TS 17159:2018 Societal and citizen security - Guidance for the security of hazardous materials (CBRNE) in healthcare facilities
ISO/IEC 27000:2018 Information technology — Security techniques — Information security management systems — Overview and vocabulary
ISO/IEC 27036-4:2016 Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of cloud services
BS ISO/IEC 27000 : 2016 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY
BS ISO/IEC 38505-1:2017 Information technology. Governance of IT. Governance of data Application of ISO/IEC 38500 to the governance of data
ISO/IEC 19086-1:2016 Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts
ISO/IEC TR 38505-2:2018 Information technology — Governance of IT — Governance of data — Part 2: Implications of ISO/IEC 38505-1 for data management
BS ISO/IEC 27009:2016 Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements
18/30348902 DC : 0 BS ISO/IEC 21878 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY GUIDELINES FOR DESIGN AND IMPLEMENTATION OF VIRTUALIZED SERVERS
BS ISO/IEC 27036-4:2016 Information technology. Security techniques. Information security for supplier relationships Guidelines for security of cloud services
I.S. EN ISO/IEC 27000:2017 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY (ISO/IEC 27000:2016)
BS ISO/IEC 19941:2017 Information technology. Cloud computing. Interoperability and portability
17/30349211 DC : 0 BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE
16/30316173 DC : 0 BS ISO/IEC 19086-1 - INFORMATION TECHNOLOGY - CLOUD COMPUTING - SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 1: OVERVIEW AND CONCEPTS
16/30275200 DC : 0 BS ISO/IEC 27036-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 4: GUIDELINES FOR SECURITY OF CLOUD SERVICES
EN ISO/IEC 27000:2017 Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2016)
ISO/IEC 19941:2017 Information technology — Cloud computing — Interoperability and portability
ISO/IEC 38505-1:2017 Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 38500 to the governance of data
16/30333228 DC : 0 BS ISO/IEC 38505-1 - INFORMATION TECHNOLOGY - GOVERNANCE OF IT - PART 1: THE APPLICATION OF ISO/IEC 38500 TO THE GOVERNANCE OF DATA
S.R. CEN/TS 17159:2018 SOCIETAL AND CITIZEN SECURITY - GUIDANCE FOR THE SECURITY OF HAZARDOUS MATERIALS (CBRNE) IN HEALTHCARE FACILITIES
CEI UNI EN ISO/IEC 27005:2025-04 Information security, cybersecurity and privacy protection – Guidance on managing information security risks
CEI UNI EN ISO/IEC 27002:2023 Information security, cybersecurity and privacy protection - Information security controls
INCITS/ISO/IEC 29147:2018 (2019) Information technology -- Security techniques -- Vulnerability disclosure
INCITS/ISO/IEC 19086-1:2016 (R2019) Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts
INCITS/ISO/IEC 27000:2018(R2019) Information technology -- Security techniques - - Information security management systems – Overview and vocabulary
ANSI INCITS/ISO/IEC 19941:2017(2019) Information technology - Cloud computing - Interoperability and portability

ISO/IEC 27036-4:2016 Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of cloud services
ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
ISO 31000:2009 Risk management — Principles and guidelines
ISO/IEC 27002:2013 Information technology — Security techniques — Code of practice for information security controls
ISO/IEC 27018:2014 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO 19440:2007 Enterprise integration — Constructs for enterprise modelling
ISO/IEC 27036-3:2013 Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security
ISO/IEC 27005:2011 Information technology — Security techniques — Information security risk management
SA/SNZ TR ISO/IEC 38505.2:2019 Information technology - Governance of IT - Governance of data Implications of ISO/IEC 38505-1 for data management
ISO/IEC 17203:2017 Information technology — Open Virtualization Format (OVF) specification
ISO/IEC 27036-1:2014 Information technology — Security techniques — Information security for supplier relationships — Part 1: Overview and concepts
ISO/IEC 27036-2:2014 Information technology — Security techniques — Information security for supplier relationships — Part 2: Requirements
ISO/IEC 27040:2015 Information technology — Security techniques — Storage security
ISO/IEC 27000:2016 Information technology — Security techniques — Information security management systems — Overview and vocabulary
ISO/IEC 17789:2014 Information technology — Cloud computing — Reference architecture
ISO/IEC 17788:2014 Information technology — Cloud computing — Overview and vocabulary

Summarise
ChatGPT Perplexity

Access your standards online with a subscription

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Get in touch with us

€149.00
Excluding VAT
EUR
AUD
CAD
CHF
CNY
DKK
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - French
PDF - French
Hardcopy - Arabic
PDF - Arabic
Hardcopy - English
PDF - English
01
02
03
04
05
06
07
08
09
10