BS ISO/IEC 27017:2015 Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services

Find Similar Items

This product falls into the following categories.

You may find similar items within these categories by selecting from the choices below:

BS ISO/IEC 27017:2015

Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services

Status : Current   Published : December 2015

Format
PDF

Format
HARDCOPY



BS ISO/IEC 27017:2015
Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services

What is it?

BS ISO/IEC 27017:2015 is a sector-specific supplement to BS ISO/IEC 27001:2013 and BS ISO/IEC 27002:2013 for use when providing or using cloud services. It contains additional security controls and guidance beyond those found in BS ISO/IEC 27002:2013.

How does it work?

BS ISO/IEC 27017:2015 follows the structure of BS ISO/IEC 27002:2013, providing guidance specific to cloud services. It also defines an extended control set of additional security controls specific to cloud services. BS ISO/IEC 27017:2015 is based on a model of collaboration between the cloud service provider and cloud service customer, whereby each accepts specific responsibilities in order to ensure the overall security of the cloud service as used by the customer.

If applicable, certification bodies operating in accordance with BS ISO/IEC 27006:2015 may reference BS ISO/IEC 27017:2015 when awarding certification.

Who should buy it?

BS ISO/IEC 27017:2015 is essential for any organization that wishes to provide cloud services that might be incorporated within an Information Security Management System (ISMS) certified against BS ISO/IEC 27001:2013. It defines their obligations and responsibilities necessary to ensure that such certification is possible.

It will also be useful to organizations wishing to use cloud services as consumers, both by identifying their responsibilities to ensure certification of related security controls against BS ISO/IEC 27001:2013 is possible, and as a checklist to ensure that potential providers of the cloud service have the necessary security policies, practices and controls in place.

See the preview for contents.




Standard NumberBS ISO/IEC 27017:2015
TitleInformation technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services
StatusCurrent
Publication Date31 December 2015
Cross ReferencesITU-T Y.3500, ISO/IEC 17788, ITU-T Y.3502, ISO/IEC 17789, ISO/IEC 27000, ISO/IEC 27002:2013, ITU-T X.805:2003, ISO/IEC 17203:2011, ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27018:2014, ISO/IEC 27036-1:2014, ISO/IEC 27036-2:2014, ISO/IEC 27036-3:2013, ISO/IEC 27036-4, ISO/IEC 27040:2015, ISO 19440:2007, ISO 31000:2009, NIST SP 800-145:2011, NIST 2009, ENISA 2009
International RelationshipsISO/IEC 27017:2015
Draft Superseded By15/30259619 DC
DescriptorsInformation exchange, Data security, Management, Computer hardware, Access, Computer networks, Data processing, Computer software, Data transmission, Data storage protection, Computers
ICS03.100.70
35.030
Title in FrenchTechnologies de l'information. Techniques de sécurité. Code de pratique pour les contrôles de sécurité de l'information fondés sur l'ISO/IEC 27002 pour les services du nuage
CommitteeIST/33
ISBN978 0 580 78159 9
PublisherBSI
FormatA4
DeliveryYes
Pages48
File Size1.022 MB
Price£232.00


 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


Collaborate, Innovate, Accelerate.


Worldwide Standards
We can source any standard from anywhere in the world


27 November

Organizational Resilience Annual Conference 2019


Customers who bought this product also bought

  • BS EN ISO/IEC 27002:2017
    Information technology. Security techniques. Code of practice for information security controls
  • BS EN ISO/IEC 27001:2017
    Information technology. Security techniques. Information security management systems. Requirements
  • BS ISO/IEC 27018:2019
    Information technology. Security techniques. Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
  • BS ISO/IEC 27005:2011
    Information technology. Security techniques. Information security risk management