ISO 27017 is the Code of practice for information security controls based on ISO/IEC 27002 for cloud services.


ControlDescription
CLD.6.3.1 Shared roles and responsibilities within a cloud computing environment
Responsibilities for shared information security roles in the use of the cloud service should be allocated to identified parties, documented, communicated, and implemented by both the cloud service customer and cloud service provider.
CLD.8.1.5 Removal of cloud service customer assets
Assets of the cloud service customer that are on the cloud service provider's premises should be removed, and returned if necessary, in a timely manner upon the termination of the cloud service agreement.
CLD.9.5.1 Segregation in the virtual computing environment
A cloud service customer's virtual environment running on a cloud service should be protected from other cloud service customers and unauthorized persons.
CLD.9.5.2 Virtual machine hardening
Virtual machines in a cloud computing environment should be hardened to meet business needs.
CLD.12.1.5 Administrator's operational security
Procedures for administrative operations of a cloud computing environment should be defined, documented, and monitored.
CLD.12.4.5 Monitoring of cloud services
The cloud service customer should have the capability to monitor specified aspects of the operation of the cloud services that the cloud service customer uses.
CLD.13.1.4 Alignment of security management for virtual and physical networks
Upon configuration of virtual networks, consistency of configurations between virtual and physical networks should be verified based on the cloud service provider's network security policy.


To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.