ISO 27017 gives guidelines for information security controls applicable to both cloud service providers and cloud service customers.
ISO 27017 is relevant for cloud service providers
This add-on introduces seven new controls, and the numeration of these controls is compatible with the existing structure of Instant 27001.
- A.6.3.1 Shared roles and responsibilities within a cloud computing environment
- A.8.1.5 Removal of cloud service customer assets
- A.9.5.1 Segregation in virtual computing environments
- A.9.5.2 Virtual machine hardening
- A.12.1.5 Administrator’s operational security
- A.12.4.5 Monitoring of cloud services
- A.13.1.4 Alignment of security management for virtual and physical networks
Instant 27001 add ons can be installed by importing them and subsequently merging them with the existing content. Instructions to do so are included. Alternatively, you can let us do the work for you!
- ISO 27017 add-on: € 495 (for existing Instant 27001 clients)
- Instant 27001 + ISO 27017 add-on: € 2490
Depending on your location, local taxes may apply (read more).