CEI UNI EN ISO/IEC 27002:2023
Current
Current
The latest, up-to-date edition.
Information security, cybersecurity and privacy protection - Information security controls
Available format(s)
Hardcopy , PDF
Language(s)
Italian
Published date
01-04-2023
Publisher
€330.75
Excluding VAT
| Committee |
CT 700
|
| DocumentType |
Standard
|
| Pages |
156
|
| ProductNote |
This standard also identical to EN ISO/IEC 27002:2022-11
|
| PublisherName |
Comitato Elettrotecnico Italiano
|
| Status |
Current
|
| Supersedes |
Questo documento fornisce un insieme di controlli generici di riferimento per la sicurezza delle informazioni, comprensivi di linee guida per la loro implementazione.
| Standards | Relationship |
| ISO/IEC 27002:2022 | Identical |
| EN ISO/IEC 27002:2017 | Identical |
| ISO/IEC TS 27110:2021 | Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines |
| ISO/IEC 23751:2022 | Information technology — Cloud computing and distributed platforms — Data sharing agreement (DSA) framework |
| ISO/IEC 27050-4:2021 | Information technology — Electronic discovery — Part 4: Technical readiness |
| ISO/IEC 27036-4:2016 | Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of cloud services |
| ISO/IEC 27555:2021 | Information security, cybersecurity and privacy protection — Guidelines on personally identifiable information deletion |
| ISO 30000:2009 | Ships and marine technology — Ship recycling management systems — Specifications for management systems for safe and environmentally sound ship recycling facilities |
| ISO 22313:2020 | Security and resilience — Business continuity management systems — Guidance on the use of ISO 22301 |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 29147:2014 | Information technology — Security techniques — Vulnerability disclosure |
| ISO/IEC 27035-3:2020 | Information technology — Information security incident management — Part 3: Guidelines for ICT incident response operations |
| ISO/IEC 29146:2016 | Information technology — Security techniques — A framework for access management |
| ISO/IEC 20889:2018 | Privacy enhancing data de-identification terminology and classification of techniques |
| ISO/IEC 29134:2023 | Information technology — Security techniques — Guidelines for privacy impact assessment |
| ISO/IEC 27017:2015 | Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| ISO/IEC 19086-4:2019 | Cloud computing — Service level agreement (SLA) framework — Part 4: Components of security and of protection of PII |
| ISO 22301:2019 | Security and resilience — Business continuity management systems — Requirements |
| ISO/IEC TR 27016:2014 | Information technology — Security techniques — Information security management — Organizational economics |
| ISO/IEC 19770-8:2020 | Information technology — IT asset management — Part 8: Guidelines for mapping of industry practices to/from the ISO/IEC 19770 family of standards |
| ISO/IEC 30111:2019 | Information technology — Security techniques — Vulnerability handling processes |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| ISO/IEC 15408-5:2022 | Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements |
| ISO 21500:2021 | Project, programme and portfolio management — Context and concepts |
| ISO/IEC 29115:2013 | Information technology — Security techniques — Entity authentication assurance framework |
| ISO/IEC 11770-7:2021 | Information security — Key management — Part 7: Cross-domain password-based authenticated key exchange |
| ISO/IEC 24760-3:2016 | Information technology — Security techniques — A framework for identity management — Part 3: Practice |
| ISO/IEC 27018:2019 | Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| ISO/IEC 27033-6:2016 | Information technology — Security techniques — Network security — Part 6: Securing wireless IP network access |
| ISO 55001:2014 | Asset management — Management systems — Requirements |
| ISO 22396:2020 | Security and resilience — Community resilience — Guidelines for information exchange between organizations |
| ISO/IEC 27011:2016 | Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations |
| ISO/TS 22317:2021 | Security and resilience — Business continuity management systems — Guidelines for business impact analysis |
| ISO/IEC 27007:2020 | Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing |
| ISO/IEC 27019:2017 | Information technology — Security techniques — Information security controls for the energy utility industry |
| ISO/IEC 22123-1:2023 | Information technology — Cloud computing — Part 1: Vocabulary |
| ISO/IEC 27701:2019 | Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines |
| ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
| ISO/IEC TS 23167:2020 | Information technology — Cloud computing — Common technologies and techniques |
| ISO 21502:2020 | Project, programme and portfolio management — Guidance on project management |
| ISO/IEC 27034-6:2016 | Information technology — Security techniques — Application security — Part 6: Case studies |
| ISO/IEC 27040:2015 | Information technology — Security techniques — Storage security |
| IEC 31010:2019 | Risk management - Risk assessment techniques |
| ISO/IEC TS 27008:2019 | Information technology — Security techniques — Guidelines for the assessment of information security controls |
| ISO/IEC 17789:2014 | Information technology — Cloud computing — Reference architecture |
| ISO/IEC 27005:2022 | Information security, cybersecurity and privacy protection — Guidance on managing information security risks |
| ISO 15489-1:2016 | Information and documentation — Records management — Part 1: Concepts and principles |
| ISO/IEC 17788:2014 | Information technology — Cloud computing — Overview and vocabulary |
| ISO 27799:2016 | Health informatics — Information security management in health using ISO/IEC 27002 |
| ISO 31000:2018 | Risk management — Guidelines |
Summarise
Access your standards online with a subscription
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.
Important note : Users cannot be edited or removed once added to your Multi user PDF.