ISO/IEC 27017 is a code of practice, which provides guidance on these controls and helps you focus on the more specific risks associated with cloud services as a customer or provider. While using a cloud service can often increase information security risks, many of the ISO/IEC 27001 controls highlight responsibilities for either a cloud service customer, or the cloud service provider. GAQM Certification is an independent entity with recognized prestige, that aims to help organizations achieve their commitment to continuous improvement. We analyze the needs of our clients so that our auditors and specialists in each sector of activity can provide a service that provides maximum value when assessing compliance in your organization. The ISO/IEC 27017 standard was published in 2015 and belongs to the ISO/IEC 27000 family. The standard establishes good practices of security in the field of cloud services, defining the functions and responsibilities of the providers and clients of cloud services. ISO/IEC 27017 is an internationally recognized standard for securing cloud services and is aimed at all cloud service providers. It thus supports the implementation of cloud-specific information security measures. The standard is coordinated with the implementation recommendations from ISO/IEC 27002 and thus fits seamlessly into an IT security management system according to ISO/IEC 27001 Alongside your ISO/IEC 27001 ISMS, ISO/IEC 27017 helps manage the confidentiality, integrity and availability of your business information or information entrusted to you by others.

E-Course Duration: 45 to 50 hours

• Anyone who plans, implements, maintains, supervises or assesses information security controls, as part of an information security management system, as either a customer or provider of cloud services.