ISO 2701710
ISO/IEC 27017 cloud-services-specific security controls that extend ISO/IEC 27002 for cloud customers and providers.
Requirements in this framework
- Cloud administrative operations security
- Cloud API and interface security
- Cloud asset and tenant segregation controls
- Cloud customer onboarding and offboarding controls
- Cloud lifecycle and change security
- Cloud monitoring and incident handling
- Cloud service continuity and recovery
- Cloud shared responsibility governance
- Shared responsibility communications
- Virtual environment isolation assurance