Many individuals and organisations use cloud services on a daily basis, and the popularity continues to grow due to the many benefits they bring.
However, this business model is still relatively new and continues to evolve through SaaS, PaaS and IaaS.
ISO 27017 provides explicit guidance on the responsibilities of both the cloud service provider and the cloud customer, bring much needed clarity throughout the cloud models.
ISO 27017 Certification
While ISO 27017 Certification is not common, and there is currently no UKAS accredited scheme, some respected certification bodies will include the ISO 27017 Cloud Services Controls within the scope of an ISO 27001 Management System.
Our ISO 27017 Consultants can guide you through the process of defining an appropriate management system scope and attain an independent and impartial audit of these extended controls.
Benefits of ISO 27017
Clear differentiator from competitors,
Protect & Improve your reputation,
Demonstrate commitment to Information Security,
Better management of cloud service risks,
Comprehensive risk management programme,
Established framework ready from growth.
The Information Security Management System (ISMS), in conjunction with ISO 27002 which provides more guidance on each Annex A Control.
ISO 27018 provides specific guidance and controls for Personal Identifiable Information (PII) in Public Clouds.