BS ISO/IEC 27036-2:2014
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information technology. Security techniques. Information security for supplier relationships Requirements
Hardcopy , PDF
05-08-2022
English
31-07-2014
Important note : Users cannot be edited or removed once added to your Multi user PDF.| Committee |
IST/33/4
|
| DevelopmentNote |
Supersedes 12/30250175 DC. (08/2014)
|
| DocumentType |
Standard
|
| Pages |
50
|
| PublisherName |
British Standards Institution
|
| Status |
Superseded
|
| SupersededBy | |
| Supersedes |
This part of ISO/IEC27036 specifies fundamental information security requirements for defining, implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirer relationships.
These requirements cover any procurement and supply of products and services, such as manufacturing or assembly, business process procurement, software and hardware components, knowledge process procurement, Build-Operate-Transfer and cloud computing services.
These requirements are intended to be applicable to all organizations, regardless of type, size and nature.
To meet these requirements, an organization should have already internally implemented a number of foundational processes, or be actively planning to do so. These processes include, but are not limited to, the following: governance, business management, risk management, operational and human resources management, and information security.
| Standards | Relationship |
| ISO/IEC 27036-2:2014 | Identical |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 27035:2011 | Information technology Security techniques Information security incident management |
| ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
| ISO 31000:2009 | Risk management Principles and guidelines |
| ISO 22301:2012 | Societal security Business continuity management systems Requirements |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| ISO/IEC 15288:2008 | Systems and software engineering — System life cycle processes |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO/IEC 27036-1:2014 | Information technology Security techniques Information security for supplier relationships Part 1: Overview and concepts |
| ISO 22313:2012 | Societal security Business continuity management systems Guidance |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.