Certification

ISO/IEC 27017

Share This Post

About

ISO/IEC 27017

Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services.

What is ISO/IEC 27017?

ISO/IEC 27017:2015 provides guidelines for information security controls applicable to the provision
and use of cloud services by providing:

  • Guidelines for implementing relevant controls specified in ISO/IEC 27002
  • Additional controls with implementation guidance for cloud service providers and customers.

Who can apply for ISO/IEC 27017?

This certification is applicable to all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which provide information
processing services as Personally identifiable information (PII) processors via cloud computing under
contract to other organizations.

Benefits

Why is ISO/IEC 27017 important?

  • In addition to protecting your reputation, ISO/IEC 27017 ensures that your customers and
    stakeholders' data, documents, messages, and activities are protected.
  • Reduces operational risk by analysing vulnerabilities and mitigate against data breaches, as well as regulatory fines and penalties.
  • Achieve a competitive advantage through ISO/IEC 27017 certification, which demonstrates your commitment to global information security practices and strong IT governance.
  • Establish and clarify responsibilities: ISO/IEC 27017 defines the specific relationship, roles, rights, and responsibilities between cloud service customers and cloud service providers, allowing you to expand your business globally as a preferred CSP.

Let GICG help you to position your brand differently! Speak to us today!

CONTACT US

Scroll to Top