Company Profile
Training Catalogue
POPIA Compliance

    ISO Banner

    ISO/IEC 27017:2015
    Information Technology – Security techniques

    ISO/IEC 27017:2015
    Information Technology – Security techniques

    Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines.

    ISO/IEC 27701:2019 is a privacy extension to the ISO/IEC 27001:2013 Information Security Management and ISO/IEC 27002:2013 Security Controls Standards. It provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.

    What is ISO/IEC 27017:2015?

    Why does an Organisation need ISO/IEC 27017:2015?

    What are the Benefits of Implementing ISO/IEC 27017:2015?

    How do I Implement ISO/IEC 27017:2015 in an Organisation?

    Why Choose WWISE to Assist your Organisation:

    Guideline Conformance Process:

    What is ISO/IEC 27017:2015?

    Some of the guidelines are for cloud service customers who implement controls, and some are for service providers to support the implementation of said controls.

    Selecting appropriate information security controls will depend on a risk assessment and any other cloud-sector specific information security requirements.

    Why does an Organisation need ISO/IEC 27017:2015?

    ISO/IEC 27017:2015 provides practical information about what to expect from cloud service providers. It also outlines the roles and responsibilities that users of cloud services have.

    An organisation that implements this standard can be confident that they are effectively utilising cloud services while protecting themselves. ISO/IEC 27017:2015 allows you to provide your customers with the assurance that their information is safe.

    What are the Benefits of Implementing ISO/IEC 27017:2015?

    More businesses are offering cloud-based services and so the protection of cloud services is pressing. Stakeholders want to be reassured that their data is safe, and they want evidence that their data, activity, documents, and messages are protected under any circumstances.

    ISO/IEC ISO/IEC 27017 certification provides multiple benefits, such as:

    • A reduction in operational risk because vulnerabilities are analysed, and risks are mitigated.
    • An independent third-party certification builds the reputation of the organisation and earns trust.
    • Responsibilities are clearly outlined and defined.

    How do I implement ISO/IEC 27017:2015 in an organisation?

    No content provided for this section.

    Why Choose WWISE to assist your organisation?

    An Organisation cannot certify to a guideline standard; you can implement the standard and receive a letter of conformity.