En proceso de publicación
ISO/IEC 27017
Information security, cybersecurity and privacy protection — Information security controls based on ISO/IEC 27002 for cloud services
Reference number
ISO/IEC 27017
Edition 2
2026-07
En proceso de publicación
ISO/IEC 27017
82878
En proceso de publicación (Edición 2, 2026)
Pasos finales de producción (hasta siete semanas).
Reemplazará ISO/IEC 27017:2015

Resumen

This document provides guidance for information security controls, based on ISO/IEC 27002, applicable to the provision and use of cloud services.  This document provides

  additional guidance for relevant controls specified in ISO/IEC 27002:2022;

  additional controls with guidance that specifically relate to cloud services.

This document provides controls and guidance for CSCs and CSPs.

This document is considered to be a horizontal document as it provides a foundation and a common understanding of security regarding the provision and use of cloud services.

 This document applies to all types of cloud deployment models including the private cloud. When applying this document to the private cloud, the controls and guidance of this document are applicable, although adjustments can be necessary to adapt to the relationships and abilities of an organization’s internal departments.

Informaciones generales

  •  : En desarrollo
     : 2026-07
    : Norma Internacional en proceso de publicación [60.00]
  •  : 2
  • ISO/IEC JTC 1/SC 27
    35.030  03.100.70 
  • RSS actualizaciones

¿Tiene alguna duda?

Consulte nuestras Ayuda y asistencia