PAS 555:2013 Cyber security risk. Governance and management. Specification


Status : Current   Published : May 2013

Format : PDF, Hardcopy



Information technology pervades every aspect of modern human life. We now rely heavily on cyberspace for our business and personal transactions. While this connectivity has positively changed the way organizations operate, the inevitable downside is the threat of cyber attack.

Threats to an organization’s cyber security present a critical challenge in terms of scale, complexity and impact – with business assets such as corporate and customer data, intellectual property, and brand and reputation at risk. It is crucial that an organization understands and manages its exposure to cyber security threats.

That’s why we’ve produced PAS 555:2013 Cyber security risk – Governance and management – Specification.

PAS 555 uniquely uses an outcomes-based approach to ensure enterprise confidence.

A business-led, holistic approach to cyber security

The requirements of this PAS define the overall outcomes of effective cyber security. Importantly, it considers not only the technical aspects of cyber security, but also the physical, cultural and behavioural aspects, alongside effective leadership and governance.

PAS 555 enables organizations to:

  • Focus investment in the most appropriate way
  • Minimize potential loss
  • Improve operational effectiveness and efficiency
  • Develop organizational resilience
  • Improve loss prevention and incident management
  • Identify and mitigate cyber security risk throughout the organization.

The specification applies to the whole organization and its supply chain, avoiding the dangers that can arise when the scope of security measures covers only part of the business. It can apply to any organization, large or small, commercial, not-for-profit or public sector.

How does PAS 555 fit with other related standards?

PAS 555 enables any organization to choose how it achieves the specified outcomes, whether through its own defined processes or the adoption of other standards and management systems, such as BS ISO/IEC 27001 or ISO/IEC 20000-1. PAS 555 includes a cross reference to major standards that are commonly used to deal with threats (these include ISO/IEC 20000-1, ISO/IEC 27001, ISO 22301 and ISO 31000).

PAS 555 was sponsored by the Cyber Alliance (comprising Cisco, Control Risks, G4S, PA Consulting Group and Symantec) and the steering group comprised 3SDL, Association of British Certification Bodies, Bird & Bird, BP, Department for Business, Innovation and Skills, King’s College London, Information Security Forum, Intellect, Leading Edge Forum, Mike StJohn Green Consulting Ltd, Roke Manor Research and The Security Institute.




Standard Number: PAS 555:2013
Title: Cyber security risk. Governance and management. Specification
Status: Current
Publication Date: 31 May 2013
Descriptors: Data processing, Computers, Management, Data security, Data storage protection, Risk assessment, Risk analysis, Information exchange, Business continuity, Anti-burglar measures, Computer software, Computer hardware, Computer networks
ICS: 35.030
Committee: ZZ/1
ISBN: 978 0 580 78755 3
Publisher: BSI
Format: A4
Delivery: Yes
Pages: 32
File Size: 721 KB
Price: £95.00

