DIN Standards Committee Information Technology and IT Applications
Information security, cybersecurity and privacy protection - Information security controls based on ISO/IEC 27002 for cloud services (ISO/IEC DIS 27017:2025)
Abstract
This document provides guidance for information security controls, based on ISO/IEC 27002, applicable to the provision and use of cloud services. This document provides: - additional guidance for relevant controls specified in ISO/IEC 27002:2022; - additional controls with guidance that specifically relate to cloud services. This document provides controls and guidance for CSCs and CSPs. This document applies to all types of cloud deployment models including the private cloud. When applying this document to the private cloud, the controls and guidance of this document are applicable, although adjustments can be necessary to adapt to the relationships and abilities of an organization's internal departments.”
Begin
2024-04-26
WI
JT013077
Planned document number
prEN ISO/IEC 27017
Responsible national committee
NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity
Responsible european committee
CEN/CLC/JTC 13 - Cybersecurity and Data Protection
