By clicking the SUBMIT button, I’m providing the above information to Vretta for the purpose of responding to my request.
CONTACTlogo
twitterfacebookfacebook instagram

ISO/IEC 27017 Certification

1. Commitment

Vretta prioritizes cloud-based services' security, confidentiality, and integrity by adhering to the highest information security standards. Our commitment to achieving and maintaining ISO/IEC 27017 certification reflects our dedication to extending our robust Information Security Management System (ISMS) to address the unique challenges of cloud computing environments.

ISO/IEC 27017 is an international standard that provides guidelines for information security controls applicable to cloud services. It builds upon ISO/IEC 27001 by offering cloud-specific recommendations for service providers and customers, helping to ensure transparency, shared responsibility, and effective data protection. Vretta has successfully obtained ISO/IEC 27017 certification, demonstrating our ongoing efforts to secure cloud infrastructure and services in our e-assessment and learning solutions.

Ensuring Compliance with ISO/IEC 27017 Certification:

  • Cloud Security Governance: Establishing cloud-specific policies and procedures within our ISMS.
  • Risk Management: Assessing and mitigating cloud-related threats, including shared infrastructure risks.
  • Responsibility Clarity: Defining roles between cloud provider and customer to ensure accountability.
  • Secure Virtualization: Implementing controls for isolation and protection of cloud-based virtual environments.
  • Transparency: Providing clear data handling, access, and ownership terms in cloud service agreements.

2. Maintaining ISO/IEC 27017 Certification

To uphold our ISO/IEC 27017 certification, Vretta follows a structured methodology that continually evaluates cloud-specific security risks and implements proactive controls. This includes annual surveillance audits, collaboration with cloud service providers, and regular updates to policies in response to evolving regulatory requirements and industry expectations. ISO/IEC 27017 certification builds upon the foundation of ISO/IEC 27001, and Vretta ensures that cloud environments meet general and cloud-specific security objectives. Our ISMS incorporates:

  • Cloud-focused policies and operational controls.
  • Incident response and resolution processes tailored to cloud threats.
  • Regular internal reviews and training on cloud responsibilities.
  • Ongoing monitoring of cloud service performance and security posture.

3. Client Assurance and Regulatory Compliance

Achieving ISO/IEC 27017 certification reinforces Vretta's commitment to securing cloud-based environments and ensuring data protection in all service models. This certification provides our partners with the assurance that Vretta:

  • Maintains clearly defined security roles and responsibilities in cloud operations.
  • Aligns with international best practices for cloud data protection.
  • Minimizes risks associated with virtualization, multitenancy, and third-party access.
  • Continuously strengthens cloud governance and security performance.

4. ISO/IEC 27017 Certification Milestones

Vretta is dedicated to maintaining and renewing its ISO/IEC 27017 certification to uphold the highest standards in cloud information security. Each certification milestone reflects our ongoing commitment to proactive risk management and operational excellence. The following table outlines the timeline of our certification renewals:

Certification MilestoneIssue Date
Initial Report: ISO 27017:2015Mach 20, 2025

5. Contact

To learn more about how Vretta is maintaining the security and integrity of our solutions, email info@vretta.com.