(Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services) is essentially an extension of ISO/IEC 27002 . While 27002 provides general information security controls, 27017 adapts these specifically for the cloud, addressing the unique risks associated with cloud computing (such as data segregation, virtualization, and shared responsibilities).
ISO/IEC 27017 is an international standard that provides additional implementation guidance for cloud-specific security controls. Unlike general IT standards, it acknowledges that in a cloud environment, security is a between the provider and the user. Key Features: ISO/IEC 27017:2015 - Security techniques iso/iec 27017 pdf
If you're looking for an official , it's important to note that these standards are copyrighted and generally must be purchased. You can find them on official platforms like the ISO Store , the ANSI Webstore , or through retailers like GRC Solutions . (Information technology — Security techniques — Code of