ISO/IEC 27017:2015 Certification
What is ISO 27017 Certification?
ISO/IEC 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO/IEC 27002 and ISO/IEC 27001 standards.
Within the ISO 27000 family of standards, ISO 27017 is a code of practice outlining additional information security controls, specifically for cloud service providers and their customers.
ISO 27017 standard provides cloud-based guidance on 37 of the controls in ISO 27002 but also features seven new cloud controls that address shared roles and responsibilities, the monitoring of cloud services activity, alignment of the security management of the virtual and cloud network environment and more.
Benefits of ISO 27017 Certification
Who can be certified ISO 27017 Certification?
Any organisation which provides cloud-based services can benefit from ISO/IEC 27017 certification – from online email providers and document management platforms to cloud-based apps and tools.
Document required for ISO 27017 Certification
The extent of Documented Information differs as per:
Role of Shamkris and Process of ISO 27017 Certification
Shamkris adopts a results-oriented approach to effective system implementation in the organization. A simple and practical method of system implementation helps organizations increase business efficiency and sustainability. Shamkris supports 100% documentation to obtain a certificate of success in addition to enhanced performance.
The implementation process is described below: