# ISO/IEC 27017:2015: Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services

# Acronyms, Abbreviations, and Initialisms

Short Form Full Form
CSC Cloud Service Customer
CSP Cloud Service Provider
IEC International Electrotechnical Commission
ISO International Organization for Standardization

# Overview

ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • additional implementation guidance for relevant controls specified in ISO/IEC 27002;
  • additional controls with implementation guidance that specifically relate to cloud services.

This standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

# Noteworthy

  • ISO/IEC 27017 is focused on cloud services and computing.

# Sources