What is this PAS about?
In a world where the threat of cyberattack is omnipresent, this PAS provides a business-led, holistic approach to cyber security.
Who is this PAS for?
Any organization, large or small, commercial, not-for-profit or public sector.
Why should you use this PAS?
The requirements of this PAS define the overall outcomes of effective cyber security. Importantly, it considers not only the technical aspects of cyber security, but also the physical, cultural and behavioural aspects, alongside effective leadership and governance.
PAS 555 enables organizations to:
- Focus investment in the most appropriate way
- Minimize potential loss
- Improve operational effectiveness and efficiency
- Develop organizational resilience
- Improve loss prevention and incident management
- Identify and mitigate cyber security risk throughout the organization
It applies to the whole organization and its supply chain, avoiding the dangers that can arise when the scope of security measures covers only part of the business.
PAS 555 enables any organization to choose how it achieves the specified outcomes, whether through its own defined processes or the adoption of other standards and management systems, such as BS ISO/IEC 27001 or ISO/IEC 20000-1. It includes a cross reference to major standards that are commonly used to deal with threats (these include ISO/IEC 20000-1, ISO/IEC 27001, ISO 22301 and ISO 31000).
