19/30379031 DC - BS ISO/IEC 27009. Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements

19/30379031 DC

BS ISO/IEC 27009. Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements

Status : Current, Draft for public comment   Published : July 2019

Format
PDF

Format
HARDCOPY



This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001:2013, and complement or amend ISO/IEC 27002:2013 to support a specific sector (domain, application area or market).

This document explains how to;

  • include requirements in addition to those in ISO/IEC 27001:2013,

  • refine or interpret any of the ISO/IEC 27001:2013 requirements,

  • include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002:2013,

  • modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002:2013,

  • add guidance to or modify the guidance of ISO/IEC 27002:2013.

This document specifies that additional or refined requirements do not invalidate the requirements in ISO/IEC 27001:2013.

This document is applicable to those involved in producing sector-specific standards.




Standard Number19/30379031 DC
TitleBS ISO/IEC 27009. Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements
StatusCurrent, Draft for public comment
Publication Date02 July 2019
Normative References(Required to achieve compliance to this standard)ISO/IEC 27000, ISO/IEC 27002:2013, ISO/IEC 27001:2013
Informative References(Provided for Information)ISO/IEC 27017:2015, ISO/IEC 27018:2014, ISO/IEC 27019:2017, ISO/IEC 27010:2015, ISO/IEC 27011:2016, ISO/IEC Directives Part 1:2018
International RelationshipsISO/IEC DIS 27009
Draft Expiry Date21 August 2019
DescriptorsAnti-burglar measures, Classification systems, Technical documents, Records (documents), Data security, Data processing, Computer technology, Data storage protection, Maintenance, Computer networks, Information exchange, Documents, Management, Information systems, Computers
ICS03.100.70
35.030
Title in FrenchTechnologies de l'information — Techniques de sécurité — Application de l’ISO/IEC 27001 à un secteur spécifique — Exigences
CommitteeIST/33/1
PublisherBSI
FormatA4
DeliveryYes
Pages26
File Size539 KB
NotesWarning: this draft is not current beyond its expiry date for comments.
Price£20.00


 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


Worldwide Standards
We can source any standard from anywhere in the world


Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version


BSOL

The faster, easier way to work with standards