ISO/IEC 27017 Implementation Services

Description

By Sherlocked Security – Cloud & Cyber Risk Specialists

Full Service Description

Cloud computing introduces shared responsibility, multi-tenancy, and dynamic infrastructure risks that require specialized security controls. ISO/IEC 27017 extends ISO/IEC 27001 with cloud-specific security guidance for both cloud customers and service providers.

Sherlocked Security provides ISO/IEC 27017 Implementation Services through the Make Audit Easy platform, supporting organizations in implementing effective cloud security governance and controls.

Our approach is risk-driven and cloud-centric, covering access control, virtualization security, logging, monitoring, incident management, and third-party risk. The service aligns with ISO/IEC 27017 and integrates with broader ISMS and cybersecurity frameworks.

	Basic	Standard	Enterprise	Advance
Audit Mode	Virtual Only	Virtual + Onsite	Virtual + Onsite	Virtual + Onsite
Locations Covered	3	5	7	10
Total Cities covered	NA	1	2	3
Virtual Audit Coverage	3 Locations	3 Locations	3 Locations	5 Locations
Onsite Audit Coverage	NA	2 Locations (Only one City)	4 Locations (Any two Cities – PAN India Tier 1/2)	5 Locations (3 Cities – PAN India Tier 1/2)
Add On
Additional Virtual Location	10% Per location	7% Per Location	7% Per Location	5% Per Location
Additional Onsite Location (Same City)	NA	15% Per Location	15% Per Location	10% Per Location
Additional Onsite (Another City, 1 location)	NA	NA	+20% per location	+15 % per location
Timeline
Audit Timeline	3–11 Days	5–11 Days	7–20 Days	7–20 Days
Post-Audit Support	5 Months	5 Months	7 Months	11 Months

Key Implementation Coverage

Cloud scope & responsibility model definition
Cloud risk assessment & treatment planning
Identity & access management in cloud
Virtualization & tenant isolation controls
Data protection, encryption & key management
Cloud logging, monitoring & incident response
Supplier & CSP risk management
Documentation & compliance readiness

Who This Service Is For

Cloud-native & SaaS organizations
Enterprises migrating to the cloud
Technology service providers
Organizations seeking cloud security compliance

Why Sherlocked Security

Deep expertise in cloud & cyber risk
Independent, implementation-focused delivery
Practical, audit-ready compliance outputs
Alignment with ISO/IEC 27017 & ISO/IEC 27001
Simple engagement via Make Audit Easy

Outcome

A structured ISO/IEC 27017-aligned cloud security implementation that improves control over cloud risks and strengthens security assurance.

Additional information

Audit Service Plan	I. Basic, II. Standard, III. Enterprise, IV. Advance
Base City or Zone	Bengaluru, Chennai, Delhi (NCR), Hyderabad, Kolkata, Mumbai, Pune, Zone – East, Zone – North, Zone – South, Zone – West