Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.



Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

ISO 27017 Training

Online Instructor-led (2 days)

Classroom (2 days)

Online Self-paced (16 hours)

ISO 27017 Information Security Controls for Cloud Service Exam

ISO 27017 Information Security Controls for Cloud Services​ Course Outline


Module 1: Introduction

  • Scope
  • Normative References
    • Identical Recommendations | International Standards
    • Additional References
  • Definitions and Abbreviations

Module 2: Cloud Sector-Specific Concepts

  • Overview
  • Supplier Relationships in Cloud Services
  • Relationships Between Cloud Service Customers and Cloud Service Providers
  • Managing Information Security Risks in Cloud Services
  • Structure of this Standard

Module 3: Information Security Policies and Organisation of Information Security

  • Management Direction for Information Security
  • Organisation of Information Security

Module 4: Introduction to Human Resource Security and Asset Management

  • Human Resource Security
    • Prior to Employment
    • During Employment
    • Implementation Guidance for Cloud Services
    • Termination and Change of Employment
  • Asset Management
    • Responsibility for Assets
    • Implementation Guidance for Cloud Services
    • Information Classification
    • Media Handling

Module 5: Define Access Control and Cryptography

  • Access Control
    • Business Requirements of Access Control
    • Implementation Guidance for Cloud Services
    • User Access Management
    • User Access Management
    • System and Application Access Control
  • Cryptography
    • Cryptographic Controls

Module 6: Physical, Environmental, and Operations Security

  • Secure Areas
  • Equipment
  • Operations Security
    • Operational Procedures and Responsibilities
    • Protection from Malware
    • Backup
    • Logging and Monitoring
    • Control of Operational Software
    • Technical Vulnerability Management
    • Information Systems Audit Considerations

Module 7: Communications Security, System Acquisition, Development and Maintenance

  • Communications Security
    • Network Security Management
    • Information Transfer
  • System Acquisition, Development and Maintenance Security
    • Security Requirements of Information Systems
    • Security in Development and Support Processes
    • Test Data

Module 8: Supplier Relationships and Information Security Incident Management

  • Supplier Relationships
    • Information Security in Supplier Relationships
    • Supplier Service Delivery Management
  • Information Security Incident Management
    • Management of Information Security Incidents and Improvements

Module 9: Information Security Aspects of Business Continuity Management and Compliance

  • Information Security Continuity
  • Redundancies
  • Compliance
    • Compliance with Legal and Contractual Requirements
    • Information Security Reviews

Show moredown



There are no formal prerequisites for attending this course. However, delegates must have decent knowledge about ISO standards.


This ISO 27017 Information Security Controls for Cloud Services is suitable for anyone who wants to plan, implement, maintain, and assess information security controls as either a customer or provider of cloud services.

ISO 27017 Information Security Controls for Cloud Services​ Course Overview

ISO 27017 is an international information security standard developed to provide security for reducing the risk of data breach and allows organisations to ensure high-quality cloud service data security. Implementing an information security management system will help organisations enhance the resilience to unwanted cyber-attacks. There are three main types of cloud deployment models that will help to enhance the security of cloud service data such as hybrid cloud, public cloud, and private clouds. Our technically expert trainers will proudly share their knowledge which we are sure will be of immense value, and will help you to build their bright future in this competitive era.

This 2-day ISO 27017 Information Security Controls for Cloud Services training course provides delegates with broad knowledge of managing different security risks and ensures the appropriate cloud security controls to protect the organisations from data theft and information systems breaches. The delegates will learn from basics to the advanced concepts of Information Security Controls for Cloud Services, such as cloud sector-specific concepts, human resource security and asset management, access control and cryptography etc.

This training will cover various essential concepts, such as:

  • Responsibility for assets
  • Inventory of assets
  • Implementation guidance for cloud services
  • Management direction for Information Security
  • Business requirements of access control
  • Access control policy
  • Access to networks and network services
  • Information transfer
  • Confidentiality or non-disclosure agreements

After attending this course, delegates will be able to implement various policies of information security. They will enhance their knowledge of different security systems used to protect the business from unwanted risks.

Holding The Knowledge Academy’s ISO 27017 Information Security Controls for Cloud Services course certification may also provide exciting opportunities for a career change and helps delegates to get a good job position in multinational organisations.

Show moredown

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Show moredown

ISO 27017 Information Security Controls for Cloud Service Exam

At the end of this 2-day training course, delegates will be required to sit an exam. This exam is included with the course fee, and is formatted like so:

  • Multiple choice questions
  • Duration of 40 minutes
  • 50% pass mark
  • Closed book

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on +61 272026926 or Enquire.

ISO 27017 Training FAQs


The ISO 27017 standard is designed to use cloud information security controls as a reference when implementing a cloud computing information security management system for organisations based on ISO/IEC 27002:2013.
The Knowledge Academy is the Leading global training provider for ISO 27017 Training.
The price for ISO 27017 Training certification in Australia starts from AUD.

Why we're the go to training provider for you


Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.


Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS


Many delivery methods

Flexible delivery methods are available depending on your learning style.


High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo

Looking for more information on ISO 27017 Training