ISO/IEC 27017:2015提供了适用于云服务提供和使用的信息安全控制指南，提供了: -ISO/IEC 27002中规定的相关控制的附加实施指南； -具有具体与云服务相关的实施指南的附加控制。 该推荐国际标准为云服务提供商和云服务客户提供控制和实施指导。

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing: - additional implementation guidance for relevant controls specified in ISO/IEC 27002; - additional controls with implementation guidance that specifically relate to cloud services. This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.