close

close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

close

close

Press esc to close

close close

Back to course information

Thank you for your enquiry!

One of our training experts will be in touch shortly to go overy your training requirements.

close close

Thank you for your enquiry!

One of our training experts will be in touch shortly to go over your training requirements.

ISO 27017 Training courses

Online Instructor-led (2 days)

Classroom (2 days)

Online Self-paced (16 hours)

Course Outline

Basics

  • Introduction to ISO 27017
  • What is Information Security in ISO 27017?
  • Requirements of ISO 27017
  • What are the Benefits for a Business and Organisation?
  • The benefits of implementing ISO/IEC 27017:2015

Determining the Scope of the Information Security

  • Scope of ISO 27017
  • Who is ISO 27017 for?
  • What are the Main Differences?
  • Role of ISO 27017 in Various Organisations

Working of ISO 27017

  • How ISO 27017 Works?
  • Core Concepts of ISO 27017
  • Key Requirements of ISO 27017
  • How to make ISO 27017 effective?

Cloud Sector-Specific Concepts

  • Overview
  • Supplier Relationships in Cloud Services
  • Relationships Between Cloud Service Customers and Cloud Service Providers
  • Managing Information Security Risks in Cloud Services
  • Structure of this Standard

Understanding the Key Concepts of Information Security in Cloud Services

  • Key Concepts and Requirements of ISO/IEC 27001:2013 Work When Implementing ISO/IEC 27017:2015
  • ISO/IEC 27017:2015 Controls Relevant to your Risk Assessment

Performing ISO 27017 Audits

  • Preparing Audit Reports
  • Analysing Data
  • Auditing Procedures
  • Reviewing Documents and Reports
  • Validating Reports
  • Designing and Merging Findings
  • Classifying Findings
  • Planning, Organising, And Prioritising
  • Factors That Affect the Reliability of Audit Findings

Internal Auditor

  • Roles and Responsibilities of an Internal Auditor
  • Record Review Activities
  • Internal Auditor Checklist
  • Communication Between Departments
  • Drafting Reports and Test Plans
  • Prepare and Distribute an Audit Report

Scope

  • Scope Definition
  • Scope Consideration
  • Scope Statement
  • Scope Agreement
  • Guidelines

Information Security Policies

  • Management Direction for Information Security

Organisation of Information Security

  • Internal Organisation
  • Mobile Devices and Teleworking

Introduction to Lead Auditor

  • Definition of Lead Auditor

On-Site Auditing

  • Conduct Interview
  • Create and Evaluate Checklist
  • Questionnaires for Data Collection
  • Conduct Document Review
  • Evaluate The Work Done
  • Provide Sample

Remote Auditing

  • Observe Work Through Surveillance at The Workplace
  • Enhancing Interaction Through Communication
  • Conduct Document Reviews with Auditees
  • Data Analysis

Access control

  • Business Requirements of Access Control
  • User Access Management
  • User Responsibilities
  • System and Application Access Control

Physical and Environmental Security

  • Secure Areas
  • Equipment

Operations Security

  • Operational Procedures and Responsibilities
  • Protection from Malware
  • Backup
  • Logging and Monitoring
  • Control of Operational Software
  • Technical Vulnerability Management
  • Information Systems Audit Considerations

Communications Security

  • Network Security Management
  • Information Transfer

Show moredown

Prerequisites

Candidates must also have a basic knowledge of auditing to ensure that they fully understand the content of the course and gain required skills.

Audience

Anyone who plans, implements, maintains, supervises or assesses information security controls, as part of an information security management system, as either a customer or provider of cloud services.

ISO 27017 Information Security Controls for Cloud Services​ Course Overview

The ISO/IEC 27017:2015 standard is designed to use cloud information security controls as a reference when implementing a cloud computing information security management system for organisations based on ISO/IEC 27002:2013. ISO/IEC 27017 can be considered as a code of practice, which gives guidance on such controls and assists the delegates to concentrates on the more particular risks related to cloud services as a customer.

This 2-day ISO 27017 certification aims to build on the knowledge specific to the cloud. This course helps the delegates to clearly identify who is responsible to manage the different security risks and ensure the appropriate cloud security controls are in place so you can maintain a resilient ISMS.

This training covers below important concepts:

  • Concepts specific to the cloud
  • Typical information security risks in cloud services
  • ISO/IEC 27017:2015 introduction, scope and structure
  • Applicable terms and definitions
  • The benefits of implementing ISO/IEC 27017:2015
  • A typical ISO/IEC 27017:2015 implementation framework

At the end of this training course, delegates will be able to lead a team of auditors in planning and reporting audits, as well as Identify key benefits associated with using ISO/IEC 27017 for cloud services, alongside an effective ISMS. They will also ensure that management system considers appropriate cloud-related controls that enable improved organisational security as technology evolves. This course will also make them efficient to provide products and services that consistently meet customer needs and increases their confidence.

Show moredown

  • Delegate pack consisting of course notes and exercises
  • Manual
  • Experienced Instructor

Show moredown

Not sure which course to choose?

Speak to a training expert for advice if you are unsure of what course is right for you. Give us a call on + 1-613 800 4703 or Inquire.

What our customers are saying

Frequently asked questions

FAQ's

The ISO 27017 standard is designed to use cloud information security controls as a reference when implementing a cloud computing information security management system for organisations based on ISO/IEC 27002:2013.
The Knowledge Academy is the Leading global training provider in the world for ISO 27017 Training.
The price for ISO 27017 Training certification in Canada starts from CAD1079.

Why we're the go to training provider for you

icon

Best price in the industry

You won't find better value in the marketplace. If you do find a lower price, we will beat it.

icon

Trusted & Approved

We are accredited by PeopleCert on behalf of AXELOS

icon

Many delivery methods

Flexible delivery methods are available depending on your learning style.

icon

High quality resources

Resources are included for a comprehensive learning experience.

barclays Logo
deloitte Logo
Thames Water Logo

"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"

Joshua Davies, Thames Water

santander logo
bmw Logo
Google Logo
Shell Logo

"...the trainer for this course was excellent. I would definitely recommend (and already have) this course to others."

Diane Gray, Shell

Looking for more information on ISO 27017 Training