I would really appreciate your opinion on this iso27017 matter. This is the case.
Company A is ISO27001 certified for the ".... management of cloud infrastructure (IaaS)"
Company A does not have its own data center.
Company A provides IaaS services based on cloud resources and technology of a Big provider (such as MS Azure vmware solution) with which Company A has a contract.
Company A wants to integrate iso27017 to its current iso27001 certificate (which already includes IaaS services).
From an iso27017 perspective, is company A to be considered cloud service customer or cloud service provider or both? And why?
Thanks in advance