ISO/IEC 27017:2015: Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
Acronyms, Abbreviations, and Initialisms
|Short Form||Full Form|
|CSC||Cloud Service Customer|
|CSP||Cloud Service Provider|
|IEC||International Electrotechnical Commission|
|ISO||International Organization for Standardization|
ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:
- additional implementation guidance for relevant controls specified in ISO/IEC 27002;
- additional controls with implementation guidance that specifically relate to cloud services.
This standard provides controls and implementation guidance for both cloud service providers and cloud service customers.
- ISO/IEC 27017 is focused on cloud services and computing.