☁ CSP — Cloud Service Provider
Organisation that makes cloud services available. Responsible for the underlying infrastructure, platform or software service.
💻 CCU — Cloud Customer
Organisation or person that uses cloud services. Responsible for configuring and using services securely within the shared responsibility model.
🤝 Shared Responsibility
Security responsibilities that apply to both CSP and cloud customer. Many ISO 27017 controls specify different actions required from each party.
Compliant
Partial
Non-compliant
Not assessed

Your Name

Organisation
Role / Position

▣ Profile Information

✓ Saved

ISO 27017 Assessment Progress

Get in Touch with ISO Xpert

We are a UK-based ISO consultancy specialising in ISO/IEC 27001 and cloud security. Our expert team helps cloud service providers and cloud customers implement ISO 27017 controls, extend ISMS scope to cloud environments, and achieve certification.

Call / WhatsApp
+44 7853 109840
Available for calls & WhatsApp
Email
info@iso-xpert.com
We respond within 24 hours
📍
Address
71-75 Shelton Street
Covent Garden, London
WC2H 9JQ, United Kingdom
🌐
Website
iso-xpert.com
Visit for services & resources
🗺
71-75 Shelton Street, Covent Garden, London WC2H 9JQ

Click to open in Google Maps

🔒 Privacy Policy

Privacy Policy

Last updated: April 2025  |  ISO Xpert Ltd  |  71-75 Shelton Street, Covent Garden, London WC2H 9JQ

ISO Xpert Ltd is committed to protecting your privacy. All data entered in this tool is stored exclusively in your browser's localStorage โ€” not transmitted to our servers unless you export it.

1. Information We Collect

  • Profile Information: Name, email, phone, organisation and role you voluntarily enter.
  • Assessment Data: Gap analysis responses, scores and notes โ€” localStorage only.

2. Your Rights (UK GDPR)

Contact info@iso-xpert.com to exercise your data rights.

3. Contact

ISO Xpert Ltd  |  71-75 Shelton Street, London WC2H 9JQ  |  info@iso-xpert.com  |  +44 7853 109840

📄 Terms of Use

Terms of Use

Last updated: April 2025  |  ISO Xpert Ltd  |  71-75 Shelton Street, Covent Garden, London WC2H 9JQ

By using the ISO Xpert ISO/IEC 27017 Gap Analysis Tool ("the Tool"), you agree to these Terms.

1. Ownership and Intellectual Property

This Tool is the exclusive intellectual property of ISO Xpert Ltd. All rights reserved.

2. Permitted Use

  • Internal, non-commercial gap analysis against ISO/IEC 27017:2015.
  • Exporting reports for internal ISMS cloud security records.
  • Sharing reports within your organisation.

3. Prohibited Use

  • Redistribution, resale or sublicensing.
  • Removing or altering copyright notices or ISO Xpert branding.
  • Reverse engineering for commercial purposes.

4. Disclaimer of Warranties

This Tool is provided "as is" for informational and self-assessment purposes only. ISO Xpert does not warrant that outputs constitute professional cloud security advice. Gap analysis outputs should be reviewed by a qualified cloud security professional before making certification decisions. This tool does not substitute for formal Stage 1 or Stage 2 assessment by an accredited certification body. Cloud security risks must be assessed alongside contractual obligations with cloud service providers and applicable data protection law.

5. ISO Standards Reference

ISO/IEC 27017:2015 is a code of practice supplementing ISO/IEC 27001 and ISO/IEC 27002. It should be read alongside ISO/IEC 27018 (PII in public clouds) and applicable cloud service agreements. The authoritative version must be obtained from ISO, IEC or national standards bodies.

6. Limitation of Liability

ISO Xpert Ltd shall not be liable for any indirect, incidental or consequential damages, including security incidents or data breaches, arising from use of this Tool.

7. Governing Law

These Terms are governed by the laws of England and Wales.

8. Contact

ISO Xpert Ltd  |  71-75 Shelton Street, London WC2H 9JQ  |  info@iso-xpert.com  |  +44 7853 109840