Cloud security that doesn’t leave you high and dry
ISO 27017 is the international standard for cloud-specific information security controls. It builds on ISO 27001 and addresses the unique risks that come with using or providing cloud services. Things like shared responsibility, multi-tenancy, virtual machines, and the classic “who’s actually securing what” dilemma. If your business touches the cloud, and it does, ISO 27017 helps you lock it down with clarity and confidence.
Adding ISO 27017 to your ISO 27001 system is like putting a security camera on your already locked front door. It enhances your cloud security posture without reinventing your management system. Instant 27001’s optional ISO 27017 add-on gives you targeted controls, pre-aligned documentation, and a smoother path to audit readiness. Because trusting the cloud is smart. Securing it properly is smarter.
Benefits
The ISO 27017 add-on provides implementation guidelines for 37 annex A controls, suitable for both cloud service providers and/or customers.
Next to that, it introduces seven new controls, the numeration of these controls is compatible with the existing structure of Instant 27001.
- CLD.6.3.1 Shared roles and responsibilities within a cloud computing environment
- CLD.8.1.5 Removal of cloud service customer assets
- CLD.9.5.1 Segregation in virtual computing environments
- CLD.9.5.2 Virtual machine hardening
- CLD.12.1.5 Administrator’s operational security
- CLD.12.4.5 Monitoring of cloud services
- CLD.13.1.4 Alignment of security management for virtual and physical networks
Add-ons can be used together with Instant 27001 for Confluence or Microsoft 365 (ISOPlanner). Instructions for installation and implementation are provided.
Pricing
€ 1 495
All prices are excluding applicable taxes and subscription fees for Confluence, Microsoft 365 or ISOPlanner.