Information technology -- Security techniques -- Information security for supplier relationships -- Part 4: Guidelines for security of cloud services

Standard

ABSTRACT

ISO/IEC 27036-4 provides cloud service customers and cloud service providers with guidance on
a) gaining visibility into the information security risks associated with the use of cloud services and managing those risks effectively, and
b) responding to risks specific to the acquisition or provision of cloud services that can have an information security impact on organizations using these services.
ISO/IEC 27036-4 does not include business continuity management/resiliency issues involved with the cloud service. ISO/IEC 27031 addresses business continuity.
ISO/IEC 27036-4 does not provide guidance on how a cloud service provider should implement, manage and operate information security. Guidance on those can be found in ISO/IEC 27002 and ISO/IEC 27017.
The scope of ISO/IEC 27036-4 is to define guidelines supporting the implementation of information security management for the use of cloud services.

ISO/IEC 27036-4:2016

ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection

General information

Status: Published
Publication date :
2016-10-01
Working Groups :
Category: Cloud computing Cybersecurity
SDO:

IEC

ISO
Latest published version :

https://standards.iso.org/ittf/PubliclyAvailableStandards/c059648_ISO_IEC_27036-1_2014.zip

Information technology -- Security techniques -- Information security for supplier relationships -- Part 4: Guidelines for security of cloud services

ABSTRACT

General information

A new standard for AI-based Network Applications in beyond 5G

Addressing clinical information interoperability standards with AI standards to increase its power in its application in health.

New and emerging DLT and Blockchain Use Cases for ISO/TR 24878

Quantum Key Distribution …

Security Certification of QKD

Simulation and digital twins as model-based AI

Can the usage of simulators an…

The concept of autonomous…

Towards autonomous open radio…

OETP and the transparency of Ai problem

Open Ethics Transparency Proto…

Security Certification of QKD

Security Certification of QKD

Security Certification of QKD

Security Certification of QKD

New ISO project - societal concerns and ethical considerations

Strengthening the ethical dime…

I missed some mention about…

Towards autonomous open radio…

CEN/TC 465 taking up the mental

Smart City standards for citiz…

Developments in ISO/TC 307 - ISO/IEC JTC 1/SC 27 JWG4

Update on the developments in…

5G communications
Applications of information technology
Artificial Intelligence
Big Data
Blockchain
Circular Economy
Citiverse
Cloud computing
Computer graphics
Cybersecurity
Data storage services
Data technologies
Digital Product Passport
Digital Twin
E-Invoicing
Edge Computing
eHealth
Information coding
Intelligent Transport System
Interface and interconnection equipment
IoT
IT terminal and other peripheral equipment
Languages used in IT
Network Security
Ontologies
OSI - Open System Interconnections
Quantum Computing
Smart Cities
Trusted Information
Vertical Industries

None
3GPP
A4BLUE
Allotrope Foundation
ANSI
ASD-STAN
ASTM
ATIS
BIMERR
CEN
CEN/CENELEC
CENELEC
CIGI
CSA
DIF
DIN
DMTF
Enterprise Ethereum
ERCIM
Ethereum Community
ETSI
European Commission
GICTF
GreenBlue
GS1
HL7
Hyperledger Foundation
IEA-EBC
IEC
IEEE
IETF
iiRDS
INRAE
IOF
ISO
ISO/IEC
ISO/IEC/IEEE
ISO/TR
ITU
Metaverse
Microsoft
MPAI
NEN
NIST
None
NSAI
OASIS
OGC
OMA
OMG
oneM2M
OPC
OpenForum Europe
OpenID Foundation
OpenPEPPOL
RDA
SAE
SEAS
SMPTE
SNIA
STANDARDS AUSTRALIA
TIA
UN/CEFACT
UNECE
W3C

follow us

Information technology -- Security techniques -- Information security for supplier relationships -- Part 4: Guidelines for security of cloud services

ABSTRACT

General information