Information technology -- Security techniques -- Code of practice for information security controls based on ISO/IEC 27002 for cloud services

ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

additional implementation guidance for relevant controls specified in ISO/IEC 27002;
additional controls with implementation guidance that specifically relate to cloud services.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

The standard can be bought here: https://www.iso.org/standard/43757.html
The informative sections of this standard are publicly available here: https://www.iso.org/obp/ui/#iso:std:iso-iec:27017:ed-1:v1:en

Publication date: 01 December 2015

ICT rolling plan topic: Cloud computing

SDO: IEC

Latest publishied version: https://www.iso.org/standard/43757.html