
ISO/IEC 27017:2015

ISO 27017 is a code of practice that provides enhanced controls designed specifically for Cloud Services. Our ISO 27017 Consultants are knowledgeable in the whole ISO 27000 family of Information Security Standards and can help you extend your management system to ensure you have the tools to effectively manage risks using a full range of controls.

ISO 27001 & ISO 27017


The most effective way to implement the ISO 27017 Information Security Controls for Cloud Services is to apply them to an extended ISO 27001 Information Security Management System. ISO 27001 sets out minimum requirements and includes 114 controls; however, many organizations also use the additional guidance from ISO 27002 to extend the controls. ISO 27017 extends some of these controls even further to make them more applicable to cloud services.

7 New Cloud Controls


Our ISO 27017 Consultants can help you understand and apply these controls as appropriate to your organization, managing the risks of using cloud services. In addition to the extended ISO 27001 controls, there are seven new areas to address:


  1. Responsibilities Between Cloud Service Provider & the Cloud Customer.
  2. Removal & Return of Assets on Termination.
  3. Protection & Separation of the Customer’s environment.
  4. Virtual Machine Configuration.
  5. Administrative operations & procedures.
  6. Activity Monitoring.
  7. Alignment of Virtual & Cloud Environments.


Cloud Services


Many individuals and organizations use cloud services on a daily basis, and their popularity continues to grow due to the many benefits they bring. However, this business model is still relatively new and continues to evolve through SaaS, PaaS and IaaS. ISO 27017 provides explicit guidance on the responsibilities of both the cloud service provider and the cloud customer, bringing much-needed clarity across the cloud models.

Benefits of ISO 27017


  1. Clear differentiator from competitors.
  2. Protect & improve your reputation.
  3. Demonstrate commitment to Information Security.
  4. Better management of cloud service risks.
  5. Comprehensive risk management program.
  6. Established framework ready for growth.