PAS 555:2013 Cyber security risk. Governance and management. Specification

Status : Current   Published : May 2013



What is this PAS about?

In a world where the threat of cyberattack is omnipresent, this PAS provides a business-led, holistic approach to cyber security.

Who is this PAS for?

Any organization, large or small, commercial, not-for-profit or public sector.

Why should you use this PAS? 

The requirements of this PAS define the overall outcomes of effective cyber security. Importantly, it considers not only the technical aspects of cyber security, but also the physical, cultural and behavioural aspects, alongside effective leadership and governance.

PAS 555 enables organizations to:

  • Focus investment in the most appropriate way
  • Minimize potential loss
  • Improve operational effectiveness and efficiency
  • Develop organizational resilience
  • Improve loss prevention and incident management
  • Identify and mitigate cyber security risk throughout the organization

It applies to the whole organization and its supply chain, avoiding the dangers that can arise when the scope of security measures covers only part of the business.

PAS 555 enables any organization to choose how it achieves the specified outcomes, whether through its own defined processes or the adoption of other standards and management systems, such as BS ISO/IEC 27001 or ISO/IEC 20000-1. It includes a cross reference to major standards that are commonly used to deal with threats (these include ISO/IEC 20000-1, ISO/IEC 27001, ISO 22301 and ISO 31000).

Standard Number: PAS 555:2013
Title: Cyber security risk. Governance and management. Specification
Publication Date: 31 May 2013
Normative References (Required to achieve compliance to this standard): No other standards are normatively referenced
Informative References (Provided for Information): No other standards are informatively referenced
Descriptors: Information exchange, Computer networks, Data processing, Anti-burglar measures, Data storage protection, Computers, Risk analysis, Computer hardware, Risk assessment, Data security, Computer software, Management, Business continuity
ISBN: 978 0 580 78755 3
File Size: 685 KB

Customers who bought this product also bought

  • BS ISO/IEC 27032:2012
    Information technology. Security techniques. Guidelines for cybersecurity
  • BS ISO/IEC 27031:2011
    Information technology. Security techniques. Guidelines for information and communication technology readiness for business continuity
  • BS ISO/IEC 27005:2011
    Information technology. Security techniques. Information security risk management
  • BS 65000:2014
    Guidance on organizational resilience