I.S. EN ISO/IEC 27040:2016
Current
The latest, up-to-date edition.
INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015)
Hardcopy, PDF
English
01-01-2016
For Harmonized Standards, check the EU site to confirm that the Standard is cited in the Official Journal.
Only cited Standards give presumption of conformance to New Approach Directives/Regulations.
Dates of withdrawal of national standards are available from NSAI.
National Foreword
European foreword
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Overview and concepts
6 Supporting controls
7 Guidelines for the design and implementation of storage security
Annex A (normative) - Media sanitization
Annex B (informative) - Selecting appropriate storage security controls
Annex C (informative) - Important security concepts
Bibliography
Describes detailed technical guidance on how organizations can define an appropriate level of risk mitigation by employing a well-proven and consistent approach to the planning, design, documentation, and implementation of data storage security.
| DocumentType | Standard |
| Pages | 128 |
| PublisherName | National Standards Authority of Ireland |
| Status | Current |
| Standards | Relationship |
| ISO/IEC 27040:2015 | Identical |
| EN ISO/IEC 27040:2016 | Identical |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ANSI INCITS 400 : 2004 | INFORMATION TECHNOLOGY - SCSI OBJECT-BASED STORAGE DEVICE COMMANDS (OSD) |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| ISO/TR 10255:2009 | Document management applications — Optical disk storage technology, management and standards |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| ISO/IEC/IEEE 24765:2017 | Systems and software engineering — Vocabulary |
| ISO/IEC 27033-1:2015 | Information technology — Security techniques — Network security — Part 1: Overview and concepts |
| ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
| ISO/IEC 27002:2013 | Information technology — Security techniques — Code of practice for information security controls |
| ISO 16609:2012 | Financial services — Requirements for message authentication using symmetric techniques |
| ISO 16175-2:2011 | Information and documentation — Principles and functional requirements for records in electronic office environments — Part 2: Guidelines and functional requirements for digital records management systems |
| ISO/TR 18492:2005 | Long-term preservation of electronic document-based information |
| ANSI INCITS 482 : 2012 | INFORMATION TECHNOLOGY - ATA/ATAPI COMMAND SET - 2 (ACS-2) |
| IEEE 1619-2007 | IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices |
| ISO/IEC 17826:2016 | Information technology — Cloud Data Management Interface (CDMI) |
| ISO 7498-2:1989 | Information processing systems — Open Systems Interconnection — Basic Reference Model — Part 2: Security Architecture |
| ISO 16175-3:2010 | Information and documentation — Principles and functional requirements for records in electronic office environments — Part 3: Guidelines and functional requirements for records in business systems |
| IEEE 1619.1-2007 | IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices |
| ANSI INCITS 458 : 2011 | INFORMATION TECHNOLOGY - SCSI OBJECT-BASED STORAGE DEVICE COMMANDS - 2 (OSD-2) |
| ANSI INCITS 496 : 2012 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - SECURITY PROTOCOLS - 2 (FC-SP-2) |
| ISO/IEC 27005:2011 | Information technology — Security techniques — Information security risk management |
| ANSI INCITS 512 : 2015 | INFORMATION TECHNOLOGY - FIBRE CHANNEL - PHYSICAL INTERFACE-6 (FC-PI-6) |
| ANSI INCITS 470 : 2011(R2016) | INFORMATION TECHNOLOGY - FIBRE CHANNEL - FRAMING AND SIGNALING - 3 (FC-FS-3) |
| ISO/IEC 24775:2011 | Information technology — Storage management |
| ISO/IEC 24759:2017 | Information technology — Security techniques — Test requirements for cryptographic modules |
| ISO/IEC 14776-372:2011 | Information technology — Small Computer System Interface (SCSI) — Part 372: SCSI Enclosure Services - 2 (SES-2) |
| ISO/IEC 27033-3:2010 | Information technology — Security techniques — Network security — Part 3: Reference networking scenarios — Threats, design techniques and control issues |
| ISO/IEC 27033-2:2012 | Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security |
| ISO/IEC 10116:2017 | Information technology — Security techniques — Modes of operation for an n-bit block cipher |
| ISO/PAS 22399:2007 | Societal security - Guideline for incident preparedness and operational continuity management |
| ISO/IEC 27000:2016 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |
| ISO 16175-1:2010 | Information and documentation — Principles and functional requirements for records in electronic office environments — Part 1: Overview and statement of principles |
| ISO/IEC 17788:2014 | Information technology — Cloud computing — Overview and vocabulary |
| ISO Guide 73:2009 | Risk management — Vocabulary |