BS PAS 555(2013) : 2013
Current
The latest, up-to-date edition.
CYBER SECURITY RISK - GOVERNANCE AND MANAGEMENT - SPECIFICATION
Hardcopy, PDF
English
01-01-2013
Foreword
Executive summary
Introduction
1 Scope
2 Terms and definitions
3 Management structure
4 Commitment to a cyber security culture
5 Security context
6 Business architecture strategy
7 Capability development strategy
8 Supplier and partner strategy
9 Technology strategy
10 Business resilience
11 Compliance with legislation and other standards
12 Risk assessment
13 Protection and mitigation
14 Detection and response
15 Recovery
16 Compliance analysis and continual improvement
Annexes
Annex A (informative) - Achieving compliance with PAS 555
Annex B (informative) - PAS 555 application scenarios
Annex C (informative) - Sample supplier/partner cyber security competence assessment report
Bibliography
Defines a framework for the governance and management of cyber security risk.
Committee | ZZ/1 |
Document type | Standard |
Pages | 32 |
Publisher name | British Standards Institution |
Status | Current |
DEFSTAN 08-107/3(2013) : 2013 | GENERAL REQUIREMENTS FOR THE DESIGN OF ELECTROTECHNICAL AND NAVAL WEAPON EQUIPMENT |
BS PAS 1192-5(2015) : 2015 | SPECIFICATION FOR SECURITY-MINDED BUILDING INFORMATION MODELLING, DIGITAL BUILT ENVIRONMENTS AND SMART ASSET MANAGEMENT |
16/30342526 DC : 0 | BS 31111 - CYBER RISK AND RESILIENCE - GUIDE |
BS 65000:2014 | Guidance on organizational resilience |
BS PAS 7000(2014) : 2014 | SUPPLY CHAIN RISK MANAGEMENT - SUPPLIER PREQUALIFICATION |
BS 16000:2015 | Security management. Strategic and operational guidelines |
BS ISO 22301 : 2012 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS |
BS EN ISO 9001:2015 | Quality management systems. Requirements |
BS ISO/IEC 20000-1:2011 | Information technology. Service management. Service management system requirements |
BS ISO/IEC 27001 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
BS ISO 31000:2009 | Risk management. Principles and guidelines |
BS ISO/IEC 27000 : 2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
BS EN ISO 9000:2015 | Quality management systems. Fundamentals and vocabulary |
ISO Guide 73:2009 | Risk management — Vocabulary |