Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Used with ISO/IEC 27001 series of standards, ISO/IEC 27017 provides enhanced controls for cloud service providers and cloud service customers. Unlike many other technology-related standards ISO/IEC 27017 clarifies both party's roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.
This international standard provides controls and implementation guidance for both cloud service providers and cloud service customers.