ISO 27017 is an addition to ISO 27001 that was released in 2015.
ISO 27017 is relevant for providers and customers of cloud services
The ISO 27017 add-on provides implementation guidelines for 37 annex A controls, suitable for both cloud service providers and/or customers.
Next to that, it introduces seven new controls, the numeration of these controls is compatible with the existing structure of Instant 27001.
- A.6.3.1 Shared roles and responsibilities within a cloud computing environment
- A.8.1.5 Removal of cloud service customer assets
- A.9.5.1 Segregation in virtual computing environments
- A.9.5.2 Virtual machine hardening
- A.12.1.5 Administrator’s operational security
- A.12.4.5 Monitoring of cloud services
- A.13.1.4 Alignment of security management for virtual and physical networks
Instant 27001 add ons can be installed by importing them and subsequently merging them with the existing content. Instructions to do so are included. Alternatively, you can let us do the work for you!
- ISO 27017 add-on: € 995 (for existing Instant 27001 clients)
- Instant 27001 + ISO 27017 add-on: € 2990
Depending on your location, local taxes may apply (read more).