ISO/IEC 27017
E100886
ISO/IEC 27017 is an international standard that provides guidelines and controls for information security specifically tailored to cloud services, complementing general information security management standards.
All labels observed (1)
| Label | Occurrences |
|---|---|
| ISO/IEC 27017 canonical | 3 |
How this entity was disambiguated
This entity first appeared as the object of triple T868205 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: ISO/IEC 27017 Context triple: [ISO 27001, relatedStandard, ISO/IEC 27017]
-
A.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
B.
NIST SP 800-56A
NIST SP 800-56A is a NIST Special Publication that specifies approved methods for public-key establishment, including Diffie–Hellman–based key agreement schemes, for use in U.S. federal cryptographic systems.
-
C.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
D.
NIST digital identity guidelines
NIST digital identity guidelines are a set of U.S. government standards that define best practices and assurance levels for secure, privacy-conscious digital identity proofing, authentication, and lifecycle management.
-
E.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: ISO/IEC 27017 Target entity description: ISO/IEC 27017 is an international standard that provides guidelines and controls for information security specifically tailored to cloud services, complementing general information security management standards.
-
A.
ISO 27001
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
-
B.
NIST SP 800-56A
NIST SP 800-56A is a NIST Special Publication that specifies approved methods for public-key establishment, including Diffie–Hellman–based key agreement schemes, for use in U.S. federal cryptographic systems.
-
C.
ISO 26324
ISO 26324 is the international standard that defines the structure, syntax, and functional framework of the Digital Object Identifier (DOI) system for uniquely identifying digital content.
-
D.
NIST digital identity guidelines
NIST digital identity guidelines are a set of U.S. government standards that define best practices and assurance levels for secure, privacy-conscious digital identity proofing, authentication, and lifecycle management.
-
E.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
cloud security guideline
ⓘ
information security standard ⓘ international standard ⓘ |
| addresses |
cloud administrative operations and procedures
ⓘ
cloud customer and provider roles ⓘ cloud customer asset separation ⓘ cloud data lifecycle security ⓘ cloud monitoring and logging ⓘ cloud service agreements ⓘ cloud-specific risk management ⓘ information protection in cloud environments ⓘ shared responsibility in cloud security ⓘ virtualization security ⓘ |
| aimsTo |
enhance trust in cloud services
ⓘ
reduce information security risks in cloud computing ⓘ support implementation of cloud security controls ⓘ |
| appliesTo |
community cloud services
ⓘ
hybrid cloud services ⓘ private cloud services ⓘ public cloud services ⓘ |
| basedOn | ISO/IEC 27002 control structure ⓘ |
| complements |
ISO 27001
ⓘ
surface form:
ISO/IEC 27001
ISO/IEC 27002 ⓘ |
| covers |
implementation of cloud security controls
ⓘ
management of cloud security controls ⓘ selection of cloud security controls ⓘ |
| domain |
cloud computing
ⓘ
information technology ⓘ |
| extends | ISO/IEC 27002 with cloud-specific controls ⓘ |
| focusesOn |
cloud-specific information security controls
ⓘ
information security for cloud services ⓘ |
| intendedForUseBy |
cloud service customers
ⓘ
cloud service providers ⓘ organizations using cloud services ⓘ |
| language | English ⓘ |
| partOfSeries | ISO/IEC 27000 family ⓘ |
| provides |
guidelines for cloud service customers
ⓘ
guidelines for cloud service providers ⓘ implementation guidance for cloud security controls ⓘ |
| publishedBy |
International Electrotechnical Commission
ⓘ
International Organization for Standardization ⓘ |
| relatedTo |
ISO/IEC 27001 certification schemes
ⓘ
ISO/IEC 27018 ⓘ |
| targetAudience |
cloud service managers
ⓘ
compliance and risk officers ⓘ information security professionals ⓘ |
| usedAs | guidance for cloud security certification programs ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: ISO/IEC 27017 Description of subject: ISO/IEC 27017 is an international standard that provides guidelines and controls for information security specifically tailored to cloud services, complementing general information security management standards.
Referenced by (3)
Full triples — surface form annotated when it differs from this entity's canonical label.