Course

Information Security Management Systems – ISMS

ISO/IEC 27017 Information Security Controls for Cloud Services training course

This two-day course will highlight the importance of selecting security controls for cloud services when implementing a cloud computing information security management system.

This interactive training provides course will assist participants to understand how ISO/IEC 27017 supports with building a more effective ISO/IEC 27001 Information Security Management System (ISMS). It will provide excellent knowledge of the different cloud security controls and train how to ensure the appropriate ones are in place.

ISO/IEC 27017:2015 is a security control for cloud services and is an extension to ISO/IEC 27001 and ISO/IEC 27002. The standard advises on both the cloud service customers and cloud service providers. ISO 27017 is designed to help you and your organizations when selecting security controls for cloud services when implementing a cloud computing information security management system. As an extension to ISO 27002, ISO 27017 provides the guidance on 37 controls from ISO 27002

Participants of this course will be able to learn:

  • What is Cloud and the different types of cloud models?
  • Benefits of implementing ISO/IEC 27017:2015
  • Information security risks encounter in cloud services
  • Understand structure and controls applicable to cloud services based on ISO/IEC 27017:2015
  • Examine and select controls from ISO/IEC 27017:2015 based on risk assessment, through case studies
  • Understand the specific guidance for cloud service customers and cloud service providers