BS ISO/IEC 27017:2015提供了适用于云服务提供和使用的信息安全控制指南:ISO/IEC 27002中规定的相关控制的附加实施指南；附加的控制措施以及具体与云服务相关的实施指南。本建议/国际标准为云服务提供商和云服务客户提供了控制和实施指南。交叉引用:ITU-T Y.3500ISO/IEC 17788ITU-T Y.3502ISO/IEC 17789ISO/IEC 27000ISO/IEC 27002:2013ITU-T X.805:2003ISO/IEC 17203:2011ISO/IEC 27001:2013ISO/IEC 27005:2011ISO/IEC 27036-1:2014ISO/IEC 27036-2:2014ISO/IEC 27036-3:2013ISO/IEC 27036-4ISO/IEC 27040:2015ISO 19440:2007ISO 31000:2009SP 800- 145:2011NIST 2009ENISA 2009购买本文件时，所有当前可用的修订均包含在购买本文件中。

BS ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:additional implementation guidance for relevant controls specified in ISO/IEC 27002;additional controls with implementation guidance that specifically relate to cloud services.This Recommendation/International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.Cross References:ITU-T Y.3500ISO/IEC 17788ITU-T Y.3502ISO/IEC 17789ISO/IEC 27000ISO/IEC 27002:2013ITU-T X.805:2003ISO/IEC 17203:2011ISO/IEC 27001:2013ISO/IEC 27005:2011ISO/IEC 27018:2014ISO/IEC 27036-1:2014ISO/IEC 27036-2:2014ISO/IEC 27036-3:2013ISO/IEC 27036-4ISO/IEC 27040:2015ISO 19440:2007ISO 31000:2009NIST SP 800-145:2011NIST 2009ENISA 2009All current amendments available at time of purchase are included with the purchase of this document.