ISO 27017 Services

ISO 27017, also known as Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services, is a security standard designed specifically for the cloud services industry.

Including ISO 27017 controls in your ISMS shows the maturity of your cloud organization’s information security environment. Built upon the ISO 27002 standard, ISO 27017 allows organizations the ability to add controls specific to the cloud environment, including guidance specific to Cloud Service Providers on 37 of the controls within ISO 27002.

For cloud organizations that handle personally identifiable information, click here to find out more about our ISO 27018 services.

About Our ISO 27017 Services

ISO 27017 is designed to provide recommendations on the implementation of controls for cloud-based organizations. This standard provides controls, enhanced from ISO 27001 and 27002, that can be implemented for those who provide cloud-based services to another organization, or who store information in the cloud.

The additional controls that cloud organizations can expect to see include:

  • Shared roles and responsibilities within a cloud computing environment
  • Removal of cloud service customer assets
  • Segregation in virtual computing environments
  • Virtual machine hardening
  • Administrator’s operation security
  • Monitoring of cloud services
  • Alignment of security management for virtual and physical networks

By including these controls in the scope of the ISO 27001 certification, organizations can demonstrate their conformance to this cloud-specific standard. To learn more about the ISO 27001 certification process, click here.

ISO 27017 Solutions Tailored to Your Company

Choosing A-LIGN as your partner benefits your organization by:

  • Offering controls tailored specifically to the cloud environment.
  • Providing you with our experienced team of auditors with extensive knowledge and experience in ISO 27017.
  • Demonstrating the maturity of your cloud environment’s information security management system.

The A-LIGN Edge

Our customized compliance solutions and streamlined audit process allow you to meet all of your audit and compliance needs with a single service provider. One-stop shopping means a stress-free audit process for you, as you work with one team who understands the unique needs of your organization. See what our clients have to say:

Benefit from Our ISO 27017 Expertise