ISO 27017:2015 - IT Security Control (Cloud Services)
The ISO 27001 series tackles some of these issues, but a new standard, ISO/IEC 27017 Information technology — Security approaches, goes a step further and provides further assurance to potential cloud clients. Cloud standards are technological standards that address cloud provider rules and guidelines directed at cloud service providers.
ISO/IEC 27017 is unusual and particularly useful in that it gives information and assistance to both the CSP and the cloud service client. In addition to assuring the safety of services, ISO/IEC 27017 attempts to educate consumers on what they should expect from their cloud host.
