Cloud Computing

ISO 27017 – information security for cloud services


ISO 27017 extends ISO 27002 and, in conjunction with ISO 27001, offers both cloud service operators and companies that are cloud service customers a framework to implement specific measures for cloud services. The selection and implementation of specific security measures is based on the risk analysis required by ISO 27001.

Your benefits
  • ISO 27017 is an extension of ISO 27002. Implementation in an existing ISMS according to ISO 27001 or in the course of setting up a new ISMS is therefore easy.
  • The standard contains specific security measures for cloud service providers and cloud service customers. This greatly simplifies cooperation between the two.
  • Internationally recognized standard

ISO 27017 can be certified together with ISO 27001.

Information on the project phases and the certification process can be found here.


We are pleased that you are interested in our services. We gladly provide you with free and non-binding information and therefore kindly ask you for the following information:

Error: Contact form not found.

We look
forward to
hearing from

Write to us!

Do you have specific inquiries about the CIS service portfolio? Our experts will be happy to provide you with advice and support at any time!

Our experts for this area

Impartial. Competent. Trustworthy.


Portraitfoto Robert Jamnik

Mr. Robert Jamnik

Head of Audit Services, Lead Auditor ISO 20000, ISO 27001 and NISV

+43 1 532 98 90