BS ISO/IEC 27009:2016 Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements

Status : Current, Under review   Published : June 2016

What is this standard about?

It defines how to apply BS ISO/IEC 27001:2013 in a sector (field, application area or market area) that has common security requirements, but where those requirements are unique to that sector.  It explains how to include sector-specific requirements additional to those found in BS ISO/IEC 27001, how to refine BS ISO/IEC 27001 requirements, and how to include controls or control sets additional to those found in BS ISO/IEC 27002.

Who is this standard for?

It is intended for use by standards writers developing sector-specific information security management system (ISMS) standards. It may also interest organizations that want to certify an ISMS with sector-specific requirements, particularly where those requirements are complex or involve multiple sectors or fields of application.

Why should you use this standard? 

BS ISO/IEC 27009:2016 ensures that additional or refined sector-specific requirements are not in conflict with the requirements of BS ISO/IEC 27001. It mandates a standard structure and contents template for sector-specific ISMS standards. It provides guidance for developers of sector-specific ISMS standards. If its requirements are met, it will be possible for certification bodies using BS ISO/IEC 27006:2015 to certify ISMSs built using the sector-specific standards against BS ISO/IEC 27001.




Standard Number: BS ISO/IEC 27009:2016
Title: Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements
Status: Current, Under review
Publication Date: 30 June 2016
Normative References (required to achieve compliance to this standard): ISO/IEC 27002:2013, ISO/IEC 27000:2016, ISO/IEC 27001:2013
Informative References (provided for information): ISO/IEC 27010:2015, ISO/IEC 27017:2015, ISO/IEC Directives, ISO/IEC 27011:2008, ISO/IEC 27018:2014
International Relationships: ISO/IEC 27009:2016
Draft Superseded By: 15/30285726 DC
Descriptors: Records (documents), Technical documents, Computer networks, Maintenance, Computers, Data storage protection, Computer technology, Data processing, Information systems, Anti-burglar measures, Information exchange, Data security, Classification systems, Management, Documents
ICS: 03.100.70, 03.120.20, 35.030
Title in French: Technologies de l’information. Techniques de sécurité. Application de l’ISO/IEC 27001 à un secteur spécifique. Exigences
Committee: IST/33/1
ISBN: 978 0 580 83471 4
Publisher: BSI
Format: A4
Delivery: Yes
Pages: 18
File Size: 1.776 MB
Price: £130.00

