Please advise how the ISO27001/27002 applies to a cloud computing environment.
Answer:
ISO 27001 applies directly to cloud computing environment, because it can give you an useful tool to identify risks about information security in any type of business, including cloud computing. So, with ISO 27001 you can identify risks related to a cloud based business and you can also reduce them with the security controls of the ISO 27002 (remember that these controls are included in the Annex A of the ISO 27001).
Anyway, there are other standard that can be interesting for you: "ISO/IEC 27017 Information technology Security techniques code of practice for information security controls based on ISO/IEC 27002 for cloud services: https://www.iso.org/standard/43757.html
Finally, this article can be interesting for you Cloud computing and ISO 27001 / BS 25999 : https://advisera.com/27001academy/blog/2011/05/30/cloud-computing-and-iso-27001-bs-25999/
And also this article about ISO 27001/ISO 27002 ISO 27001 vs. ISO 27002 : https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
Comment as guest or Sign in
Jan 12, 2016