1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
Overview
ISO 27017 is an international standard providing guidelines for information security controls applicable to cloud services. It addresses both cloud service providers and customers, ensuring security and compliance in cloud environments through additional controls and best practices tailored to the unique aspects of cloud computing.
We help cloud providers and cloud customers adopt ISO 27017 controls on top of an existing ISO 27001 ISMS — closing the gaps unique to shared-responsibility cloud environments.
Industries we serve
- · Cloud Service Providers
- · SaaS
- · Managed Service Providers
What's Included
Everything in this engagement, end to end.
Gap assessment of existing ISMS against ISO 27017 cloud controls
Shared responsibility mapping between provider and customer
Cloud-specific policy and procedure development
Evidence collection across major cloud providers
Audit readiness and continuous monitoring
Outcomes
What you walk away with
01
Clear delineation of cloud security responsibilities
02
ISO 27017 alignment built on top of ISO 27001
03
Stronger trust signal for cloud customers
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1
0
1