ISO/IEC 27002:2013
Superseded
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information technology Security techniques Code of practice for information security controls
Amended by
Available format(s)
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
Superseded date
15-02-2022
Superseded by
Published date
25-09-2013
Important note : Users cannot be edited or removed once added to your Multi user PDF.
ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).
It is designed to be used by organizations that intend to:
- select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
- implement commonly accepted information security controls;
- develop their own information security management guidelines.
| DevelopmentNote |
Supersedes ISO/IEC 17799. COR 1 2007 to ISO/IEC 17799 issued on 01-07-2007, Redesignates ISO/IEC 17799 as ISO/IEC 27002. (07/2007)
|
| DocumentType |
Standard
|
| Pages |
88
|
| PublisherName |
International Organization for Standardization
|
| Status |
Superseded
|
| SupersededBy | |
| Supersedes |
| I.S. EN ISO 19011:2011 | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS (ISO 19011:2011) |
| 12/30236518 DC : 0 | BS ISO/IEC 27000 - INFORMATION SECURITY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
| I.S. ISO/IEC 27001:2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| AAMI IEC TIR 80001-2-2 : 2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-2: GUIDANCE FOR THE DISCLOSURE AND COMMUNICATION OF MEDICAL DEVICE SECURITY NEEDS, RISKS AND CONTROLS |
| 07/30117272 DC : 0 | BS ISO/IEC 27005 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY RISK MANAGEMENT |
| BS ISO/IEC 29134:2017 | Information technology. Security techniques. Guidelines for privacy impact assessment |
| BS ISO/IEC 19770-1:2017 | Information technology. IT asset management IT asset management systems. Requirements |
| CSA ISO/IEC TR 24729-4:14 (R2019) | Information technology - Radio frequency identification for item management - Implementation guidelines - Part 4: Tag data security (Adopted ISO/IEC TR 24729-4:2009, first edition, 2009-03-15) |
| PD CEN/TS 16850:2015 | Societal and Citizen Security. Guidance for managing security in healthcare facilities |
| BS IEC 62855:2016 | Nuclear power plants. Electrical power systems. Electrical power systems analysis |
| 18/30361485 DC : 0 | BS ISO/IEC 19896-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 3: KNOWLEDGE, SKILLS AND EFFECTIVENESS REQUIREMENTS FOR ISO/IEC 15408 EVALUATORS |
| 18/30346433 DC : 0 | BS ISO/IEC 19086-4 - INFORMATION TECHNOLOGY - CLOUD COMPUTING SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 4: SECURITY AND PRIVACY |
| PD ISO/TR 12859:2009 | Intelligent transport systems. System architecture. Privacy aspects in ITS standards and systems |
| DD ISO/TS 21547:2010 | Health informatics. Security requirements for archiving of electronic health records. Principles |
| 12/30232747 DC : DRAFT JAN 2013 | BS ISO/IEC 29182-4 - INFORMATION TECHNOLOGY-SENSOR NETWORKS: SENSOR NETWORK REFERENCE ARCHITECTURE (SNRA) - PART 4: ENTITY MODELS |
| BS ISO/IEC 27037 : 2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION, AND PRESERVATION OF DIGITAL EVIDENCE |
| PD CEN/TS 15480-4:2012 | Identification card systems. European Citizen Card Recommendations for European Citizen Card issuance, operation and use |
| 11/30168516 DC : 0 | BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY |
| 15/30299331 DC : 0 | BS ISO/IEC 27011 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR TELECOMMUNICATIONS ORGANIZATIONS |
| 15/30285726 DC : 0 | BS ISO/IEC 27009 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECTOR-SPECIFIC APPLICATION OF ISO/IEC 27001 - REQUIREMENTS |
| 12/30269414 DC : 0 | BS EN 16495 - AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| DIN EN ISO/IEC 27001:2017-06 | Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015) |
| 15/30319488 DC : 0 | BS ISO/IEC 27000 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
| CSA ISO/IEC 27000 : 2018 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
| BIP 0064 : 2007 | INFORMATION SECURITY INCIDENT MANAGEMENT - A METHODOLOGY |
| BS ISO/IEC 19086-1:2016 | Information technology. Cloud computing. Service level agreement (SLA) framework Overview and concepts |
| PD CEN/TR 16742:2014 | Intelligent transport systems. Privacy aspects in ITS standards and systems in Europe |
| OLF 104 : 2016 | INFORMATION SECURITY BASELINE REQUIREMENTS FOR PROCESS CONTROL, SAFETY AND SUPPORT ICT SYSTEMS |
| ISO/IEC 38505-1:2017 | Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 38500 to the governance of data |
| PD ISO/IEC TR 20000-5:2013 | Information technology. Service management Exemplar implementation plan for ISO/IEC 20000-1 |
| 11/30192880 DC : 0 | BS ISO 22857 - HEALTH INFORMATICS - GUIDELINES ON DATA PROTECTION TO FACILITATE TRANS-BORDER FLOWS OF PERSONAL HEALTH INFORMATION |
| ISO/IEC 29182-1:2013 | Information technology Sensor networks: Sensor Network Reference Architecture (SNRA) Part 1: General overview and requirements |
| BS TICKIT GUIDE : ISSUE 5.5 | A GUIDE TO SOFTWARE QUALITY MANAGEMENT SYSTEM CONSTRUCTION AND CERTIFICATION TO ISO 9001:2000 |
| 17/30351843 DC : 0 | BS 10754-1 - INFORMATION TECHNOLOGY - SOFTWARE TRUSTWORTHINESS - PART 1 - GOVERNANCE AND MANAGEMENT SPECIFICATION |
| EN 319 401 : 2.2.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GENERAL POLICY REQUIREMENTS FOR TRUST SERVICE PROVIDERS |
| PD ISO/IEC TR 20000-3:2009 | Information technology. Service management Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| 14/30268906 DC : 0 | BS ISO/IEC 17789 - INFORMATION TECHNOLOGY - CLOUD COMPUTING - REFERENCE ARCHITECTURE |
| BS ISO 22313 : 2012 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE |
| 12/30204847 DC : 0 | BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE |
| BS ISO/IEC 27000 : 2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
| CAN/CSA-ISO/IEC 27034-1:12 (R2017) | Information technology - Security techniques - Application security - Part 1: Overview and concepts (Adopted ISO/IEC 27034-1:2011, first edition, 2011-11-15) |
| ISO 19011:2011 | Guidelines for auditing management systems |
| ISO/IEC 27017:2015 | Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| BS EN ISO/IEC 27037:2016 | Information technology. Security techniques. Guidelines for identification, collection, acquisition and preservation of digital evidence |
| DD IEC/PAS 62443-3:2008 | Security for industrial process measurement and control Network and system security |
| BS ISO/IEC 15026-4:2012 | Systems and software engineering. Systems and software assurance Assurance in the life cycle |
| 12/30249455 DC : 0 | BS ISO/IEC 27036-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 1: OVERVIEW AND CONCEPTS |
| INCITS/ISO/IEC 27011 : 2009(R2014) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT GUIDELINES FOR TELECOMMUNICATIONS ORGANIZATIONS BASED ON ISO/IEC 27002 |
| ISO/IEC 27009:2016 | Information technology Security techniques Sector-specific application of ISO/IEC 27001 Requirements |
| CAN/CSA-ISO/IEC 27033-1:16 | Information technology - Security techniques - Network security - Part 1: Overview and concepts (Adopted ISO/IEC 27033-1:2015, second edition, 2015-08-15) |
| INCITS/ISO/IEC 29182-4 : 2014 | INFORMATION TECHNOLOGY - SENSOR NETWORKS: SENSOR NETWORK REFERENCE ARCHITECTURE (SNRA) - PART 4: ENTITY MODELS |
| CSA TELECOM ORGANIZATIONS PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR |
| CSA ISO/IEC 27034-1:2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - APPLICATION SECURITY - PART 1: OVERVIEW AND CONCEPTS |
| PD ISO/TR 18638:2017 | Health informatics. Guidance on health information privacy education in healthcare organizations |
| S.R. CEN ISO/TS 14441:2013 | HEALTH INFORMATICS - SECURITY AND PRIVACY REQUIREMENTS OF EHR SYSTEMS FOR USE IN CONFORMITY ASSESSMENT (ISO/TS 14441:2013) |
| ISO/IEC TR 27016:2014 | Information technology — Security techniques — Information security management — Organizational economics |
| INCITS/ISO/IEC 27039 : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SELECTION, DEPLOYMENT AND OPERATIONS OF INTRUSION DETECTION AND PREVENTION SYSTEMS (IDPS) |
| CSA ISO/IEC 24762: 2008 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION AND COMMUNICATIONS TECHNOLOGY DISASTER RECOVERY SERVICES |
| ISO/TS 21089:2018 | Health informatics Trusted end-to-end information flows |
| CSA ISO/IEC TR 27008 : 2013 : R2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR AUDITORS ON INFORMATION SECURITY CONTROLS |
| I.S. EN 16747:2015 | MARITIME AND PORT SECURITY SERVICES |
| ISO/IEC 27036-2:2014 | Information technology Security techniques Information security for supplier relationships Part 2: Requirements |
| PD ISO/IEC/TR 15026-1:2010 | Systems and software engineering. Systems and software assurance Concepts and vocabulary |
| ISO/TS 13606-4:2009 | Health informatics Electronic health record communication Part 4: Security |
| ISO/IEC TR 27023:2015 | Information technology — Security techniques — Mapping the revised editions of ISO/IEC 27001 and ISO/IEC 27002 |
| AAMI/IEC TIR80001-2-3:2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-3: GUIDANCE FOR WIRELESS NETWORKS |
| DIN EN ISO/IEC 27040:2016-04 (Draft) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015) |
| ISO/IEC 27033-2:2012 | Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security |
| ISO 10008:2013 | Quality management — Customer satisfaction — Guidelines for business-to-consumer electronic commerce transactions |
| BS EN ISO/IEC 27000:2017 | Information technology. Security techniques. Information security management systems. Overview and vocabulary |
| UNI EN ISO 22600-2 : 2014 | HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS |
| UNI EN ISO 19011 : 2012 | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS |
| I.S. EN ISO 22313:2014 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012) |
| EN IEC 62443-4-1:2018 | Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements |
| I.S. EN ISO 27799:2016 | HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
| CEN/TS 17159:2018 | Societal and citizen security - Guidance for the security of hazardous materials (CBRNE) in healthcare facilities |
| ISO/IEC 19086-1:2016 | Information technology Cloud computing Service level agreement (SLA) framework Part 1: Overview and concepts |
| ISO/IEC 27000:2018 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |
| 14/30249803 DC : 0 | BS ISO/IEC 27040 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| ISO/IEEE 11073-00103:2015 | Health informatics — Personal health device communication — Part 00103: Overview |
| IEC 61069-5:2016 | Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 5: Assessment of system dependability |
| CEN ISO/TS 19299:2015 | Electronic fee collection - Security framework (ISO/TS 19299:2015) |
| CEN/TS 15480-4:2012 | Identification card systems - European Citizen Card - Part 4: Recommendations for European Citizen Card issuance, operation and use |
| CEN/TS 16850:2015 | Societal and Citizen Security - Guidance for managing security in healthcare facilities |
| DIN ISO/IEC 17789:2017-07 | INFORMATION TECHNOLOGY - CLOUD COMPUTING - REFERENCE ARCHITECTURE (ISO/IEC 17789:2014) |
| PD ISO/IEC TR 27019:2013 | Information technology. Security techniques. Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry |
| ISO/TR 21548:2010 | Health informatics Security requirements for archiving of electronic health records Guidelines |
| 15/30299325 DC : 0 | BS ISO/IEC 27013 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDANCE ON THE INTEGRATED IMPLEMENTATION OF ISO/IEC 27001 AND ISO/IEC 20000-1 |
| TR 101 564 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GUIDANCE ON ETSI TS 102 042 FOR ISSUING EXTENDED VALIDATION CERTIFICATES FOR AUDITORS AND CSPS |
| DIN ISO/IEC 27001 : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO/IEC 27001:2013 + COR. 1:2014) |
| INCITS/ISO/IEC 27037 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE |
| DIN EN ISO/IEC 27001 E : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO/IEC 27001:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
| CSA ISO/IEC 27018 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PII) IN PUBLIC CLOUDS ACTING AS PII PROCESSORS |
| 18/30348902 DC : 0 | BS ISO/IEC 21878 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY GUIDELINES FOR DESIGN AND IMPLEMENTATION OF VIRTUALIZED SERVERS |
| BS ISO/IEC 15408-1:2009 | Information technology. Security techniques. Evaluation criteria for IT Security Part 1: Introduction and general model |
| ISO/IEC TR 27103:2018 | Information technology — Security techniques — Cybersecurity and ISO and IEC Standards |
| SAE AS 9115 : 2017 | QUALITY MANAGEMENT SYSTEMS - REQUIREMENTS FOR AVIATION, SPACE, AND DEFENSE ORGANIZATIONS - DELIVERABLE SOFTWARE (SUPPLEMENT TO 9100:2016) |
| 15/30279952 DC : 0 | BS ISO/IEC 30124 - CODE OF PRACTICE FOR THE IMPLEMENTATION OF A BIOMETRIC SYSTEM |
| 16/30286013 DC : 0 | BS ISO/IEC 27003 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM - GUIDANCE |
| BS ISO/IEEE 11073-00103 : 2015 | HEALTH INFORMATICS - PERSONAL HEALTH DEVICE COMMUNICATION - PART 00103: OVERVIEW |
| BS EN ISO 9004:2018 | Quality management. Quality of an organization. Guidance to achieve sustained success |
| DIN ISO/IEC 27000:2015-12 (Draft) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY |
| TS 102 573 : 2.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR TRUST SERVICE PROVIDERS SIGNING AND/OR STORING DATA OBJECTS |
| 13/30268559 DC : 0 | BS ISO/IEC 15026-1 - SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY |
| BIS IS/ISO/IEC 27005 : 2008 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY RISK MANAGEMENT |
| 16/30313398 DC : 0 | BS ISO/IEC 15944-12 - INFORMATION TECHNOLOGY - BUSINESS OPERATIONAL VIEW - PART 12: PRIVACY PROTECTION REQUIREMENTS ON INFORMATION LIFE CYCLE MANAGEMENT (ILCM) AND EDI OF PERSONAL INFORMATION |
| 17/30347919 DC : 0 | BS ISO 10005 - QUALITY MANAGEMENT SYSTEMS - GUIDELINES FOR QUALITY PLANS |
| 15/30268877 DC : 0 | BS ISO/IEC 27035-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 2: GUIDELINES TO PLAN AND PREPARE FOR INCIDENT RESPONSE |
| 11/30204593 DC : DRAFT MAY 2011 | BS ISO/IEC 27010 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT FOR INTER-SECTOR AND INTER-ORGANIZATIONAL COMMUNICATIONS |
| BS ISO/IEC 27010:2015 | Information technology. Security techniques. Information security management for inter-sector and inter-organizational communications |
| BS ISO 17090-1:2013 | Health informatics. Public key infrastructure Overview of digital certificate services |
| PD IEC/TR 62351-10:2012 | Power systems management and associated information exchange. Data and communications security Security architecture guidelines |
| BS ISO/IEC 24762:2008 | Information technology. Security techniques. Guidelines for information and communications technology disaster recovery services |
| PD ISO/IEC TR 27023:2015 | Information technology. Security techniques. Mapping the revised editions of ISO/IEC 27001 and ISO/IEC 27002 |
| ISO/IEC TR 20000-3:2009 | Information technology — Service management — Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| BS ISO/IEC 17789:2014 | Information technology. Cloud computing. Reference architecture |
| PD ISO/IEC TR 27008:2011 | Information technology. Security techniques. Guidelines for auditors on information security controls |
| 09/30168526 DC : 0 | BS ISO/IEC 27033-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NETWORK SECURITY - PART 1: GUIDELINES FOR NETWORK SECURITY |
| UNI CEI ISO/IEC 27001 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| 17/30354834 DC : 0 | BS EN ISO 19011 - GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS |
| EN 319 411-2 : 2.2.2 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 2: REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING EU QUALIFIED CERTIFICATES |
| CAN/CSA-ISO/IEC 27013:16 | Information technology - Security techniques - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 (Adopted ISO/IEC 27013:2015, second edition, 2015-12-01) |
| BS ISO/IEC 27003:2017 | Information technology. Security techniques. Information security management systems. Guidance |
| BS ISO/IEC 29146:2016 | Information technology. Security techniques. A framework for access management |
| TR 101 533-2 : 1.3.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); DATA PRESERVATION SYSTEMS SECURITY; PART 2: GUIDELINES FOR ASSESSORS |
| 17/30355373 DC : 0 | BS ISO/IEC 27019 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY CONTROLS FOR THE ENERGY UTILITY INDUSTRY |
| PD ISO/TR 21548:2010 | Health informatics. Security requirements for archiving of electronic health records. Guidelines |
| BS EN 61069-5:2016 | Industrial-process measurement, control and automation. Evaluation of system properties for the purpose of system assessment Assessment of system dependability |
| PD ISO/TS 17975:2015 | Health informatics. Principles and data requirements for consent in the Collection, Use or Disclosure of personal health information |
| 12/30192106 DC : 0 | BS ISO/IEC 27033-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - IT NETWORK SECURITY - PART 4: SECURING COMMUNICATIONS BETWEEN NETWORKS USING SECURITY GATEWAYS |
| BS ISO 12931:2012 | Performance criteria for authentication solutions used to combat counterfeiting of material goods |
| BS ISO/IEC 27035-2:2016 | Information technology. Security techniques. Information security incident management Guidelines to plan and prepare for incident response |
| BS EN ISO 22313:2014 | Societal security. Business continuity management systems. Guidance |
| 15/30192160 DC : 0 | BS ISO/IEC 29146 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - A FRAMEWORK FOR ACCESS MANAGEMENT |
| S.R. CEN/TS 16439:2013 | ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK |
| TS 102 640-4 : 2.1.2 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); REGISTERED ELECTRONIC MAIL (REM) PART 4: REM-MD CONFORMANCE PROFILES |
| UNI EN 16082 : 2011 | AIRPORT AND AVIATION SECURITY SERVICES |
| CAN/CSA-ISO/IEC 27031:13 (R2017) | Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity (Adopted ISO/IEC 27031:2011, first edition, 2011-03-01) |
| BS ISO/IEC 27035-1:2016 | Information technology. Security techniques. Information security incident management Principles of incident management |
| ANSI X9.95 : 2016 | FINANCIAL SERVICES - TRUSTED TIME STAMP MANAGEMENT AND SECURITY |
| CSA ISO/IEC 27035 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| CSA ISO/IEC 27035 : 2013 : R2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| CSA ISO/IEC 15408-1 : 2010 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL |
| ISO/TR 11633-2:2009 | Health informatics Information security management for remote maintenance of medical devices and medical information systems Part 2: Implementation of an information security management system (ISMS) |
| TS 119 101 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR APPLICATIONS FOR SIGNATURE CREATION AND SIGNATURE VALIDATION |
| CSA ISO/IEC TR 27008: 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR AUDITORS ON INFORMATION SECURITY CONTROLS |
| INCITS/ISO/IEC 15408-1 : 2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL |
| BS ISO/IEC 20000-3:2012 | Information technology. Service management Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| CEI UNI ISO/IEC 27001 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| ISO/IEC TR 24729-4:2009 | Information technology Radio frequency identification for item management Implementation guidelines Part 4: Tag data security |
| TS 119 403 : 2.2.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); TRUST SERVICE PROVIDER CONFORMITY ASSESSMENT - REQUIREMENTS FOR CONFORMITY ASSESSMENT BODIES ASSESSING TRUST SERVICE PROVIDERS |
| ISO/IEC 29146:2016 | Information technology — Security techniques — A framework for access management |
| TR 103 123 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GUIDANCE FOR AUDITORS AND CSPS ON ETSI TS 102 042 FOR ISSUING PUBLICLY-TRUSTED TLS/SSL CERTIFICATES |
| ISO/IEC 24767-1:2008 | Information technology Home network security Part 1: Security requirements |
| CSA ISO/IEC 27005 : 2011 : R2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY RISK MANAGEMENT |
| ISO/IEC TS 20540:2018 | Information technology — Security techniques — Testing cryptographic modules in their operational environment |
| UNE-ISO/IEC TR 19791:2013 IN | Information technology. Security techniques. Security assessment of operational systems |
| ISO/TR 11633-1:2009 | Health informatics Information security management for remote maintenance of medical devices and medical information systems Part 1: Requirements and risk analysis |
| ISO/IEC/IEEE 15289:2017 | Systems and software engineering Content of life-cycle information items (documentation) |
| ISO/TR 12859:2009 | Intelligent transport systems System architecture Privacy aspects in ITS standards and systems |
| S.R. CEN/TR 16742:2014 | INTELLIGENT TRANSPORT SYSTEMS - PRIVACY ASPECTS IN ITS STANDARDS AND SYSTEMS IN EUROPE |
| ABS 0252 : 2016 | DATA INTEGRITY FOR MARINE AND OFFSHORE OPERATIONS - CYBERSAFETY[TM] VOLUME 3 |
| ISO/IEC 27036-1:2014 | Information technology Security techniques Information security for supplier relationships Part 1: Overview and concepts |
| ISO/IEC 27034-1:2011 | Information technology — Security techniques — Application security — Part 1: Overview and concepts |
| ISO 21188:2018 | Public key infrastructure for financial services — Practices and policy framework |
| UNI CEN ISO/TS 14441 : 2014 | HEALTH INFORMATICS - SECURITY AND PRIVACY REQUIREMENTS OF HER SYSTEMS FOR USE IN CONFORMITY ASSESSMENT |
| CSA ISO/IEC 27005 : 2011 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY RISK MANAGEMENT |
| BS ISO/IEC 29147:2014 | Information technology. Security techniques. Vulnerability disclosure |
| BS ISO/IEC/IEEE 15289:2011 | Systems and software engineering. Content of life-cycle information products (documentation) |
| DIN EN 16082:2011-11 | Airport and aviation security services |
| BS ISO/IEC/IEEE 15289:2019 | Systems and software engineering. Content of life-cycle information items (documentation) |
| CSA ISO/IEC TR 15026-1 : 2013 | SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY |
| UNI CEN/TS 15480-4 : 2012 | IDENTIFICATION CARD SYSTEMS - EUROPEAN CITIZEN CARD - PART 4: RECOMMENDATIONS FOR EUROPEAN CITIZEN CARD ISSUANCE, OPERATION AND USE |
| CSA ISO/IEC 15026-1 : 2015 | SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| IEC TR 80001-2-1:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-1: Step by step risk management of medical IT-networks - Practical applications and examples |
| ISO/IEC 27013:2015 | Information technology Security techniques Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 |
| NEMA CPSP 1 : 2015 | SUPPLY CHAIN BEST PRACTICES |
| VDI/VDE 2182 Blatt 1:2011-01 | IT-security for industrial automation - General model |
| UNE-ISO/IEC 20000-2:2015 | Information technology. Service management. Part 2: Guidance on the application of service management systems |
| UNE-EN 16082:2012 | Airport and aviation security services |
| CSA ISO/IEC 27007 : 2013 : R2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION SECURITY MANAGEMENT SYSTEMS AUDITING |
| INCITS/ISO/IEC 24762 : 2009(R2014) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION AND COMMUNICATIONS TECHNOLOGY DISASTER RECOVERY SERVICES |
| 12/30209299 DC : 0 | BS ISO 10008 - QUALITY MANAGEMENT - CUSTOMER SATISFACTION - GUIDELINES FOR BUSINESS-TO-CONSUMER ELECTRONIC COMMERCE TRANSACTIONS |
| TR 103 305 : 1.1.1 | CYBER; CRITICAL SECURITY CONTROLS FOR EFFECTIVE CYBER DEFENCE |
| I.S. EN ISO 11073-00103:2017 | HEALTH INFORMATICS - PERSONAL HEALTH DEVICE COMMUNICATION - PART 00103: OVERVIEW (ISO/IEEE 11073-00103:2015) |
| PD ISO/IEC TR 15443-3:2007 | Information technology. Security techniques. A framework for IT security assurance Analysis of assurance methods |
| CEI EN 61069-5 : 1996 | INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION - EVALUATION OF SYSTEM PROPERTIES FOR THE PURPOSE OF SYSTEM ASSESSMENT - PART 5: ASSESSMENT OF SYSTEM DEPENDABILITY |
| DIN EN ISO 22313:2016-05 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012) |
| BS PAS 7000(2014) : 2014 | SUPPLY CHAIN RISK MANAGEMENT - SUPPLIER PREQUALIFICATION |
| BS ISO/IEC 27035:2011 | Information technology. Security techniques. Information security incident management |
| 17/30281253 DC : 0 | BS ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK |
| 16/30331802 DC : 0 | BS EN 62887 ED 1.0 - NUCLEAR POWER PLANTS - INSTRUMENTATION SYSTEMS IMPORTANT TO SAFETY - PRESSURE TRANSMITTERS: CHARACTERISTICS AND TEST METHODS |
| ISO/IEC TR 38505-2:2018 | Information technology — Governance of IT — Governance of data — Part 2: Implications of ISO/IEC 38505-1 for data management |
| 17/30342692 DC : 0 | BS ISO/IEC 27007 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION SECURITY MANAGEMENT SYSTEMS AUDITING |
| 14/30304350 DC : 0 | BS EN ISO 27799 - HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
| 11/30207799 DC : 0 | BS ISO/IEC 27037 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE |
| BS ISO/IEC 20000-2:2012 | Information technology. Service management Guidance on the application of service management systems |
| BIP 0139 : 2013 | AN INTRODUCTION TO ISO/IEC 27001:2013 |
| 14/30278505 DC : 0 | BS ISO/IEC 27033-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NETWORK SECURITY PART 1: OVERVIEW AND CONCEPTS |
| 15/30285708 DC : 0 | BS EN ISO 25237 - HEALTH INFORMATICS - PSEUDONYMISATION |
| UNE-ISO/IEC 20000-3:2015 | Information technology. Service management. Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| BS ISO/IEC 27033-4:2014 | Information technology. Security techniques. Network security Securing communications between networks using security gateways |
| BS ISO/IEC 27009:2016 | Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements |
| ISO/IEC TR 19791:2010 | Information technology Security techniques Security assessment of operational systems |
| 10/30184432 DC : 0 | BS ISO/IEC 27035 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| BS EN ISO/IEC 27001:2017 | Information technology. Security techniques. Information security management systems. Requirements |
| 12/30257208 DC : DRAFT FEB 2012 | BS ISO/IEC 20000-3 - INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 3: GUIDANCE ON SCOPE DEFINITION AND APPLICABILITY OF ISO/IEC 20000-1 |
| UNE-EN ISO/IEC 27001:2017 | Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015) |
| TS 118 111 : 2.4.1 | ONEM2M; COMMON TERMINOLOGY (ONEM2M TS-0011 VERSION 2.4.1 RELEASE 2) |
| OLF 112-2 : 2013 | DEPLOYMENT OF RADIO FREQUENCY IDENTIFICATION (RFID) IN THE OIL AND GAS INDUSTRY - PART 2: ARCHITECTURE AND INTEGRATION |
| ISO/IEC TR 27015:2012 | Information technology Security techniques Information security management guidelines for financial services |
| BS ISO/IEC 27033-5:2013 | Information technology. Security techniques. Network security Securing communications across networks using Virtual Private Networks (VPNs) |
| 11/30199101 DC : 0 | BS ISO 12931 - PERFORMANCE CRITERIA FOR AUTHENTICATION SOLUTIONS FOR ANTI-COUNTERFEITING IN THE FIELD OF MATERIAL GOODS |
| BS EN ISO 22600-2:2014 | Health informatics. Privilege management and access control Formal models |
| 17/30342673 DC : 0 | BS ISO/IEC 27021 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY MANAGEMENT SYSTEMS PROFESSIONALS |
| ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
| PD ISO/TR 11633-2:2009 | Health informatics. Information security management for remote maintenance of medical devices and medical information systems Implementation of an information security management system (ISMS) |
| BS ISO 17090-3:2008 | Health informatics. Public key infrastructure Policy management of certification authority |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| BS ISO/IEC 38505-1:2017 | Information technology. Governance of IT. Governance of data Application of ISO/IEC 38500 to the governance of data |
| BS EN 16082:2011 | Airport and aviation security services |
| BS ISO/IEC 27005:2011 | Information technology. Security techniques. Information security risk management |
| BS ISO/IEC 27032:2012 | Information technology. Security techniques. Guidelines for cybersecurity |
| ISO/IEC 29134:2017 | Information technology — Security techniques — Guidelines for privacy impact assessment |
| 12/30254927 DC : 0 | BS EN 16372 - AESTHETIC SURGERY SERVICES |
| ISO/IEC 27021:2017 | Information technology — Security techniques — Competence requirements for information security management systems professionals |
| CSA ISO/IEC 20000-2 : 2013 : R2017 | INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 2: GUIDANCE ON THE APPLICATION OF SERVICE MANAGEMENT SYSTEMS |
| UNE-ISO/IEC 29182-1:2016 | Information technology - Sensor networks: Sensor Network Reference Architecture (SNRA) - Part 1: General overview and requirements |
| CSA ISO/IEC 27031 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION AND COMMUNICATION TECHNOLOGY READINESS FOR BUSINESS CONTINUITY |
| INCITS/ISO/IEC 27033-5 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NETWORK SECURITY - PART 5: SECURING COMMUNICATIONS ACROSSS NETWORKS USING VIRTUAL PRIVATE NETWORKS (VPNS) |
| ISO/IEC 15026-1:2013 | Systems and software engineering Systems and software assurance Part 1: Concepts and vocabulary |
| ISO/IEC TR 15443-3:2007 | Information technology Security techniques A framework for IT security assurance Part 3: Analysis of assurance methods |
| ANSI X9.112-1 : 2009 | WIRELESS MANAGEMENT AND SECURITY - PART 1: GENERAL REQUIREMENTS |
| IEC PAS 62443-3:2008 | Security for industrial process measurement and control - Network and system security |
| IEC TR 62351-10:2012 | Power systems management and associated information exchange - Data and communications security - Part 10: Security architecture guidelines |
| ISO/IEC 27034-3:2018 | Information technology — Application security — Part 3: Application security management process |
| ISO/IEC 24762:2008 | Information technology Security techniques Guidelines for information and communications technology disaster recovery services |
| TR 119 400 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GUIDANCE ON THE USE OF STANDARDS FOR TRUST SERVICE PROVIDERS SUPPORTING DIGITAL SIGNATURES AND RELATED SERVICES |
| S.R. CWA 16460:2012 | GOOD PRACTICE: E-INVOICING COMPLIANCE GUIDELINES - THE COMMENTARY |
| I.S. EN ISO/IEC 27000:2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY (ISO/IEC 27000:2016) |
| AAMI/IEC TIR80001-2-8:2016 | APPLICATION OF RISK MANAGEMENT FOR IT NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-8: APPLICATION GUIDANCE - GUIDANCE ON STANDARDS FOR ESTABLISHING THE SECURITY CAPABILITIES IDENTIFIED IN IEC 80001-2-2 |
| EN ISO 19011:2011 COR 2011 | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS (ISO 19011:2011) |
| ISO/IEC 27014:2013 | Information technology Security techniques Governance of information security |
| S.R. CEN ISO/TS 19299:2015 | ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015) |
| ISO/IEC TR 15443-1:2012 | Information technology Security techniques Security assurance framework Part 1: Introduction and concepts |
| CSA ISO 19011 : 2012 : R2017 | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS |
| TR 103 331 : 1.1.1 | CYBER; STRUCTURED THREAT INFORMATION SHARING |
| CAN/CSA-ISO/IEC 27017:16 | Information technology Security techniques Code of practice for information security controls based on ISO/IEC 27002 for cloud services (Adopted ISO/IEC 27017:2015, first edition, 2015-12-15) |
| ISO 12931:2012 | Performance criteria for authentication solutions used to combat counterfeiting of material goods |
| ANSI X9.112 : 2016 | WIRELESS MANAGEMENT AND SECURITY - PART 1: GENERAL REQUIREMENTS |
| BS EN 16495:2014 | Air Traffic Management. Information security for organisations supporting civil aviation operations |
| UNI EN 16495 : 2014 | AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANIZATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| TS 102 165-1 : 4.2.3 | CYBER; METHODS AND PROTOCOLS; PART 1: METHOD AND PRO FORMA FOR THREAT, VULNERABILITY, RISK ANALYSIS (TVRA) |
| ISO/IEC 27035:2011 | Information technology Security techniques Information security incident management |
| ISO/IEC 27033-4:2014 | Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways |
| ISO/IEC 27032:2012 | Information technology — Security techniques — Guidelines for cybersecurity |
| ISO/IEC 27039:2015 | Information technology Security techniques Selection, deployment and operations of intrusion detection and prevention systems (IDPS) |
| ISO/TS 21547:2010 | Health informatics Security requirements for archiving of electronic health records Principles |
| ISO/IEC 15026-4:2012 | Systems and software engineering Systems and software assurance Part 4: Assurance in the life cycle |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO/TS 19299:2015 | Electronic fee collection Security framework |
| EN ISO 22600-2:2014 | Health informatics - Privilege management and access control - Part 2: Formal models (ISO 22600-2:2014) |
| UNI/TS 11465-1 : 2012 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI) - DATA PRESERVATION SYSTEMS SECURITY - PART 1: REQUIREMENTS FOR IMPLEMENTATION AND MANAGEMENT |
| UNI/TS 11291-10 : 2013 | GAS MEASUREMENT SYSTEMS - HOURLY BASED GAS METERING SYSTEMS - PART 10: SAFETY |
| CSA ISO/IEC 27009 : 2018 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECTOR-SPECIFIC APPLICATION OF ISO/IEC 27001 - REQUIREMENTS |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| 12/30250175 DC : 0 | BS ISO/IEC 27036-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 2: COMMON REQUIREMENTS |
| BS ISO/IEC 27036-3:2013 | Information technology. Security techniques. Information security for supplier relationships Guidelines for information and communication technology supply chain security |
| BS ISO/IEC 27018:2014 | Information technology. Security techniques. Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| UNI CEI ISO/IEC TR 20000-3 : 2010 | INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 3: GUIDANCE ON SCOPE DEFINITION AND APPLICABILITY OF ISO/IEC 20000-1 |
| BS ISO/IEC 29151:2017 | Information technology. Security techniques. Code of practice for personally identifiable information protection |
| PD IEC/TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices Guidance for wireless networks |
| 10/30162769 DC : DRAFT NOV 2010 | BS ISO/IEC 27007 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION SECURITY MANAGEMENT SYSTEMS AUDITING |
| 12/30250178 DC : 0 | BS ISO/IEC 27036-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 3: GUIDELINES FOR ICT SUPPLY CHAIN SECURITY |
| PD IEC/TR 80001-2-8:2016 | Application of risk management for IT-networks incorporating medical devices Application guidance. Guidance on standards for establishing the security capabilities identified in IEC TR 80001-2-2 |
| CAN/CSA-ISO/IEC 27010:16 | Information technology - Security techniques - Information security management for inter-sector and inter-organizational communications (Adopted ISO/IEC 27010:2015, second edition, 2015-11-15) |
| ISO 17090-1:2013 | Health informatics Public key infrastructure Part 1: Overview of digital certificate services |
| BS ISO/IEC 27017:2015 | Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| INCITS/ISO/IEC 27010 : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT FOR INTER-SECTOR AND INTER-ORGANIZATIONAL COMMUNICATIONS |
| CSA INFORMATION SECURITY PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION |
| BS ISO 10008:2013 | Quality management. Customer satisfaction. Guidelines for business-to-consumer electronic commerce transactions |
| 12/30192109 DC : 0 | BS ISO/IEC 27033-5 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - IT NETWORK SECURITY - PART 5: SECURING COMMUNICATIONS ACROSS NETWORKS USING VIRTUAL PRIVATE NETWORK (VPNS) |
| PD ISO/IEC TR 24714-1:2008 | Information technology. Biometrics. Jurisdictional and societal considerations for commercial applications General guidance |
| BS ISO/IEC 27039:2015 | Information technology. Security techniques. Selection, deployment and operations of intrusion detection and prevention systems (IDPS) |
| 09/30184534 DC : DRAFT JAN 2009 | BS ISO/IEC 20000-1 - INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 1: SERVICE MANAGEMENT SYSTEM REQUIREMENTS |
| PD IEC/TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices Guidance for the disclosure and communication of medical device security needs, risks and controls |
| BS ISO/IEC 15026-1:2013 | Systems and software engineering. Systems and software assurance Concepts and vocabulary |
| PD IEC/TR 80001-2-1:2012 | Application of risk management for IT-networks incorporating medical devices Step-by-step risk management of medical IT-networks. Practical applications and examples |
| S.R. CEN/TS 15480-4:2012 | IDENTIFICATION CARD SYSTEMS - EUROPEAN CITIZEN CARD - PART 4: RECOMMENDATIONS FOR EUROPEAN CITIZEN CARD ISSUANCE, OPERATION AND USE |
| BIP 0071 : 2014 | GUIDELINES ON REQUIREMENTS AND PREPARATION FOR ISMS CERTIFICATION BASED ON ISO/IEC 27001 |
| 12/30192064 DC : 0 | BS ISO/IEC 27001 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM - REQUIREMENTS |
| BS ISO 21188:2006 | Public key infrastructure for financial services. Practices and policy framework |
| ISO/IEC 29182-4:2013 | Information technology Sensor networks: Sensor Network Reference Architecture (SNRA) Part 4: Entity models |
| PD IEC/TR 63084:2017 | Nuclear power plants. Instrumentation and control important to safety. Platform qualification for systems important to safety |
| PD ISO/TR 11633-1:2009 | Health informatics. Information security management for remote maintenance of medical devices and medical information systems Requirements and risk analysis |
| ISO/IEC 27036-3:2013 | Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security |
| ANSI/AAMI/IEC TIR80001-2-1:2012 | APPLICATION OF RISK MANAGEMENT FOR IT-NETWORKS INCORPORATING MEDICAL DEVICES - PART 2-1: STEP BY STEP RISK MANAGEMENT OF MEDICAL IT-NETWORKS - PRACTICAL APPLICATIONS AND EXAMPLES |
| BS ISO/IEC 27034-1:2011 | Information technology. Security techniques. Application security Overview and concepts |
| CEI UNI ISO/IEC TR 20000-3 : 2011 | INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 3: GUIDANCE ON SCOPE DEFINITION AND APPLICABILITY OF ISO/IEC 20000-1 |
| DIN ISO/IEC 17789:2016-10 (Draft) | INFORMATION TECHNOLOGY - CLOUD COMPUTING - REFERENCE ARCHITECTURE (ISO/IEC 17789:2014) |
| DIN CEN ISO/TS 19299;DIN SPEC 74125:2016-02 | ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK (ISO/TS 19299:2015) |
| ISO/IEC 24760-3:2016 | Information technology — Security techniques — A framework for identity management — Part 3: Practice |
| 16/30316173 DC : 0 | BS ISO/IEC 19086-1 - INFORMATION TECHNOLOGY - CLOUD COMPUTING - SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 1: OVERVIEW AND CONCEPTS |
| BS EN ISO 11073-00103:2017 | Health informatics. Personal health device communication Overview |
| 07/30166242 DC : 0 | BS ISO/IEC 27011 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT GUIDELINES FOR TELECOMMUNICATIONS |
| PD CEN ISO/TS 19299:2015 | Electronic fee collection. Security framework |
| BS ISO/IEC 27031:2011 | Information technology. Security techniques. Guidelines for information and communication technology readiness for business continuity |
| 15/30320354 DC : 0 | BS ISO/IEC 27010 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT FOR INTER-SECTOR AND INTER-ORGANIZATIONAL COMMUNICATIONS |
| DIN EN ISO 22600-2:2015-02 | HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS (ISO 22600-2:2014) |
| BS ISO/IEC 29182-4:2013 | Information technology. Sensor networks: Sensor Network Reference Architecture (SNRA) Entity models |
| 13/30266767 DC : 0 | BS ISO/IEC 27018 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR P2 PROTECTION IN PUBLIC CLOUD ACTING AS P2 PROCESSORS |
| BS EN ISO 27799:2008 | Health informatics. Information security management in health using ISO/IEC 27002 |
| BS ISO/IEC 29182-1:2013 | Information technology. Sensor networks: Sensor Network Reference Architecture (SNRA) General overview and requirements |
| 14/30299515 DC : 0 | BS EN 16747 - MARITIME AND PORT SECURITY SERVICES |
| 08/30134763 DC : DRAFT JUNE 2008 | BS ISO/IEC 27004 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT - MEASUREMENT |
| 12/30209825 DC : 0 | BS ISO/IEC 27014 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GOVERNANCE OF INFORMATION SECURITY |
| BIS IS/ISO 19011 : 2011(R2016) | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS |
| PD ISO/IEC TR 15443-1:2012 | Information technology. Security techniques. Security assurance framework Introduction and concepts |
| CSA ISO/IEC 15408-1 : 2010 : R2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL |
| INCITS/ISO/IEC 27033-2 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - NETWORK SECURITY - PART 2: GUIDELINES FOR THE DESIGN AND IMPLEMENTATION OF NETWORK SECURITY |
| DD IEC/TS 62351-2:2008 | Power systems management and associated information exchange. Data and communications security Glossary of terms |
| UNI CEN/TS 16439 : 2013 | ELECTRONIC FEE COLLECTION - SECURITY FRAMEWORK |
| TS 119 401 : 2.0.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); GENERAL POLICY REQUIREMENTS FOR TRUST SERVICE PROVIDERS |
| 16/30326000 DC : 0 | BS ISO/IEC 19770-1 - INFORMATION TECHNOLOGY - IT ASSET MANAGEMENT - PART 1: IT ASSET MANAGEMENT SYSTEMS - REQUIREMENTS |
| CSA ISO 19011 : 2012 | GUIDELINES FOR AUDITING MANAGEMENT SYSTEMS |
| IEEE 20000-2-2013 | IEEE Standard -- Adoption of ISO/IEC 20000-2:2012, Information technology -- Service management -- Part 2: Guidance on the application of service management systems |
| CSA ISO/IEC 20000-2:2013 | INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 2: GUIDANCE ON THE APPLICATION OF SERVICE MANAGEMENT SYSTEMS |
| CAN/CSA-IEC 62443-3-3:17 | Industrial communication networks — Network and system security — Part 3-3: System security requirements and security levels (Adopted IEC 62443-3-3:2013, first edition, 2013-08) |
| ISO/IEC 24760-2:2015 | Information technology — Security techniques — A framework for identity management — Part 2: Reference architecture and requirements |
| 15/30267674 DC : 0 | BS ISO/IEC 27035-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 1: PRINCIPLES OF INCIDENT MANAGEMENT |
| 16/30298078 DC : 0 | BS EN 82079-1 ED 2.0 - PREPARATION OF INSTRUCTIONS FOR USE - STRUCTURING, CONTENT AND PRESENTATION - PART 1: GENERAL PRINCIPLES AND DETAILED REQUIREMENTS |
| ISO/IEC 27035-2:2016 | Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response |
| CSA ISO/IEC TR 20000-5 : 2015 | INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 5: EXEMPLAR IMPLEMENTATION PLAN FOR ISO/IEC 20000-1 |
| TS 119 172-1 : 1.1.1 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); SIGNATURE POLICIES; PART 1: BUILDING BLOCKS AND TABLE OF CONTENTS FOR HUMAN READABLE SIGNATURE POLICY DOCUMENTS |
| UNE-ISO/IEC 27000:2014 | Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary |
| ISO/IEC 19770-1:2017 | Information technology — IT asset management — Part 1: IT asset management systems — Requirements |
| SR 003 391 : 2.1.1 | CLOUD STANDARDS COORDINATION PHASE 2; INTEROPERABILITY AND SECURITY IN CLOUD COMPUTING |
| I.S. EN IEC 62443-4-1:2018 | SECURITY FOR INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS - PART 4-1: SECURE PRODUCT DEVELOPMENT LIFECYCLE REQUIREMENTS |
| INCITS/ISO/IEC 29182-1 : 2014 | INFORMATION TECHNOLOGY - SENSOR NETWORKS: SENSOR NETWORK REFERENCE ARCHITECTURE (SNRA) - PART 1: GENERAL OVERVIEW AND REQUIREMENTS |
| GS ISI 001-2 : 1.1.2 | INFORMATION SECURITY INDICATORS (ISI); INDICATORS (INC); PART 2: GUIDE TO SELECT OPERATIONAL INDICATORS BASED ON THE FULL SET GIVEN IN PART 1 |
| I.S. EN ISO/IEC 27037:2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE (ISO/IEC 27037:2012) |
| I.S. EN 16082:2011 | AIRPORT AND AVIATION SECURITY SERVICES |
| I.S. EN 61069-5:2016 | INDUSTRIAL-PROCESS MEASUREMENT, CONTROL AND AUTOMATION - EVALUATION OF SYSTEM PROPERTIES FOR THE PURPOSE OF SYSTEM ASSESSMENT - PART 5: ASSESSMENT OF SYSTEM DEPENDABILITY |
| SAE J 3061 : 2016 | CYBERSECURITY GUIDEBOOK FOR CYBER-PHYSICAL VEHICLE SYSTEMS |
| CSA ISO/IEC TR 15443-1 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY ASSURANCE FRAMEWORK - PART 1: INTRODUCTION AND CONCEPTS |
| ISO/IEC 27033-5:2013 | Information technology — Security techniques — Network security — Part 5: Securing communications across networks using Virtual Private Networks (VPNs) |
| UNI/TS 11465-3 : 2013 | Electronic Signatures and Infrastructures (ESI) - Security in Data Retention - Italian complement to ETSI TS 101 533-1 and ETSI TR 101 533-2 |
| ISO/IEC 30100-2:2016 | Information technology Home network resource management Part 2: Architecture |
| IEC TR 80001-2-8:2016 | Application of risk management for IT-networks incorporating medical devices - Part 2-8: Application guidance - Guidance on standards for establishing the security capabilities identified in IEC TR 80001-2-2 |
| UNE-ISO/IEC TR 20000-3:2011 IN | Information technology. Service management. Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| EN ISO 9004:2018 | Quality management - Quality of an organization - Guidance to achieve sustained success (ISO 9004:2018) |
| IEC TR 80001-2-3:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-3: Guidance for wireless networks |
| ISO/IEC TR 15026-1:2010 | Systems and software engineering Systems and software assurance Part 1: Concepts and vocabulary |
| ISO/IEC 27010:2015 | Information technology Security techniques Information security management for inter-sector and inter-organizational communications |
| ISO/IEC 29187-1:2013 | Information technology — Identification of privacy protection requirements pertaining to learning, education and training (LET) — Part 1: Framework and reference model |
| ISO/IEC 29147:2014 | Information technology Security techniques Vulnerability disclosure |
| IEC TS 62351-2:2008 | Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms |
| IEC 62855:2016 | Nuclear power plants - Electrical power systems - Electrical power systems analysis |
| ISO/IEC 27033-1:2015 | Information technology Security techniques Network security Part 1: Overview and concepts |
| IEC TR 80001-2-2:2012 | Application of risk management for IT-networks incorporating medical devices - Part 2-2: Guidance for the disclosure and communication of medical device security needs, risks and controls |
| ISO/IEC 27011:2016 | Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations |
| BS ISO/IEC 27040 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| EN ISO 22313:2014 | Societal security - Business continuity management systems - Guidance (ISO 22313:2012) |
| BS EN ISO/IEC 27040:2016 | Information technology. Security techniques. Storage security |
| ISO/IEC 27040:2015 | Information technology — Security techniques — Storage security |
| ISO/IEC 20000-3:2012 | Information technology Service management Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1 |
| ISO 22600-2:2014 | Health informatics Privilege management and access control Part 2: Formal models |
| ISO/TS 14441:2013 | Health informatics — Security and privacy requirements of EHR systems for use in conformity assessment |
| UNI EN ISO 22313 : 2015 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE |
| UNE-EN ISO 22313:2015 | Societal security - Business continuity management systems - Guidance (ISO 22313:2012) |
| ISO/IEC 20000-2:2012 | Information technology Service management Part 2: Guidance on the application of service management systems |
| IEC TR 63084:2017 | Nuclear power plants - Instrumentation and control important to safety - Platform qualification for systems important to safety |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC TR 20000-5:2013 | Information technology Service management Part 5: Exemplar implementation plan for ISO/IEC 20000-1 |
| EN ISO/IEC 27000:2017 | Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2016) |
| EN 16082:2011 | Airport and aviation security services |
| EN ISO 11073-00103:2017 | Health informatics - Personal health device communication - Part 00103: Overview (ISO/IEEE 11073-00103:2015) |
| EN ISO/IEC 27040:2016 | Information technology - Security techniques - Storage security (ISO/IEC 27040:2015) |
| EN ISO 27799:2016 | Health informatics - Information security management in health using ISO/IEC 27002 (ISO 27799:2016) |
| EN ISO/IEC 27001:2017 | Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015) |
| EN 16747:2015 | Maritime and port security services |
| EN ISO/IEC 27037:2016 | Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012) |
| EN 16495:2014 | Air Traffic Management - Information security for organisations supporting civil aviation operations |
| INCITS/ISO/IEC 27013 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDANCE ON THE INTEGRATED IMPLEMENTATION OF ISO/IEC 27001 AND ISO/IEC 20000-1 |
| BS IEC 62443-3-3:2013 | Industrial communication networks. Network and system security System security requirements and security levels |
| BS ISO/IEC 27014:2013 | Information technology. Security techniques. Governance of information security |
| CSA ISO 10008 : 2015 | QUALITY MANAGEMENT - CUSTOMER SATISFACTION - GUIDELINES FOR BUSINESS-TO-CONSUMER ELECTRONIC COMMERCE TRANSACTIONS |
| BS ISO/IEC 27036-2:2014 | Information technology. Security techniques. Information security for supplier relationships Requirements |
| 10/30184538 DC : 0 | BS ISO/IEC 20000-2 - INFORMATION TECHNOLOGY - SERVICE MANAGEMENT - PART 2: GUIDANCE ON THE APPLICATION OF SERVICE MANAGEMENT SYSTEMS |
| 12/30249606 DC : 0 | BS EN 62645 ED 1.0 - NUCLEAR POWER PLANTS - INSTRUMENTATION AND CONTROL SYSTEMS - REQUIREMENT S FOR SECURITY PROGRAMMES FOR COMPUTER-BASED SYSTEMS |
| ISO/IEC TR 24714-1:2008 | Information technology — Biometrics — Jurisdictional and societal considerations for commercial applications — Part 1: General guidance |
| ISO/IEC TR 27008:2011 | Information technology Security techniques Guidelines for auditors on information security controls |
| BS ISO/IEC 15944-8:2012 | Information technology. Business Operational View Identification of privacy protection requirements as external constraints on business transactions |
| CAN/CSA-ISO/IEC 17789:16 | Information technology Cloud computing Reference architecture (Adopted ISO/IEC 17789:2014, first edition, 2014-10-15) |
| BS ISO/IEC 27036-1:2014 | Information technology. Security techniques. Information security for supplier relationships Overview and concepts |
| BS EN 16747:2015 | Maritime and port security services |
| CSA ISO/IEC 24762 : 2008 : R2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION AND COMMUNICATIONS TECHNOLOGY DISASTER RECOVERY SERVICES |
| BS ISO/IEC 27007:2017 | Information technology. Security techniques. Guidelines for information security management systems auditing |
| ISO/IEC 27035-1:2016 | Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management |
| ISO 17090-3:2008 | Health informatics Public key infrastructure Part 3: Policy management of certification authority |
| CSA ISO/IEC 27007 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR INFORMATION SECURITY MANAGEMENT SYSTEMS AUDITING |
| ISO/IEC 27007:2017 | Information technology Security techniques Guidelines for information security management systems auditing |
| GS ISI 001-1 : 1.1.2 | INFORMATION SECURITY INDICATORS (ISI); INDICATORS (INC); PART 1: A FULL SET OF OPERATIONAL INDICATORS FOR ORGANIZATIONS TO USE TO BENCHMARK THEIR SECURITY POSTURE |
| GS ISI 004 : 1.1.1 | INFORMATION SECURITY INDICATORS (ISI); GUIDELINES FOR EVENT DETECTION IMPLEMENTATION |
| EN 319 411-1 : 1.2.2 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY AND SECURITY REQUIREMENTS FOR TRUST SERVICE PROVIDERS ISSUING CERTIFICATES; PART 1: GENERAL REQUIREMENTS |
| BS ISO/IEC 27033-2:2012 | Information technology. Security techniques. Network security Guidelines for the design and implementation of network security |
| 15/30259619 DC : 0 | BS ISO/IEC 27017 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR CLOUD SERVICES |
| BS ISO/IEC 27001 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| UNE-EN 16747:2016 | Maritime and port security services |
| 17/30349211 DC : 0 | BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE |
| BS ISO/IEC 27033-1:2015 | Information technology. Security techniques. Network security Overview and concepts |
| 08/30146238 DC : DRAFT JUNE 2008 | BS ISO/IEC 27000 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM - OVERVIEW AND VOCABULARY |
| DIN ISO/IEC 27018:2017-08 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION (PII) IN PUBLIC CLOUDS ACTING AS PII PROCESSORS (ISO/IEC 27018:2014) |
| 10/30168519 DC : DRAFT JUNE 2010 | BS ISO/IEC 27034-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - APPLICATION SECURITY - PART 1: OVERVIEW AND CONCEPTS |
| 16/30333228 DC : 0 | BS ISO/IEC 38505-1 - INFORMATION TECHNOLOGY - GOVERNANCE OF IT - PART 1: THE APPLICATION OF ISO/IEC 38500 TO THE GOVERNANCE OF DATA |
| PD CEN ISO/TS 14441:2013 | Health informatics. Security and privacy requirements of EHR systems for use in conformity assessment |
| 14/30298031 DC : 0 | BS EN 61069-5 ED 2.0 - INDUSTRIAL-PROCESS MEASUREMENT AND CONTROL - EVALUATION OF SYSTEM PROPERTIES FOR THE PURPOSE OF SYSTEM ASSESSMENT - PART 5: ASSESSMENT OF SYSTEM DEPENDABILITY |
| 12/30232738 DC : 0 | BS ISO/IEC 29182-1 - INFORMATION TECHNOLOGY - SENSOR NETWORKS: SENSOR NETWORK REFERENCE ARCHITECTURE (SNRA) - PART 1: GENERAL OVERVIEW AND REQUIREMENTS |
| INCITS/ISO/IEC 27040 : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| 11/30207802 DC : 0 | BS ISO/IEC 27013 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES ON THE INTEGRATED IMPLEMENTATION OF ISO/IEC 27001 AND ISO/IEC 20000-1 |
| IEEE 15026-4-2013 | IEEE Standard Adoption of ISO/IEC 15026-4--Systems and Software Engineering--Systems and Software Assurance--Part 4: Assurance in the Life Cycle |
| BS ISO/IEC 27021:2017 | Information technology. Security techniques. Competence requirements for information security management systems professionals |
| BS ISO/IEC 27013:2015 | Information technology. Security techniques. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 |
| PD CEN/TS 16439:2013 | Electronic fee collection. Security framework |
| UNE-ISO/IEC 27001:2014 | Information technology -- Security techniques -- Information security management systems -- Requirements |
| PD ISO/IEC TR 27016:2014 | Information technology. Security techniques. Information security management. Organizational economics |
| 17/30213621 DC : 0 | BS ISO/IEC 27034-3 - INFORMATION TECHNOLOGY - APPLICATION SECURITY - PART 3: APPLICATION SECURITY MANAGEMENT PROCESS |
| 13/30250756 DC : 0 | BS ISO/IEC 27039 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SELECTION, DEPLOYMENT AND OPERATIONS OF INTRUSION DETECTION SYSTEMS |
| DIN EN 16747:2015-11 | Maritime and port security services |
| GS ISI 003 : 1.2.1 | INFORMATION SECURITY INDICATORS (ISI); KEY PERFORMANCE SECURITY INDICATORS (KPSI) TO EVALUATE THE MATURITY OF SECURITY EVENT DETECTION |
| BS EN ISO 19011:2011 | Guidelines for auditing management systems |
| BIP 2151 : 2012 | AUDITING BUSINESS CONTINUITY MANAGEMENT PLANS - ASSESS AND IMPROVE YOUR PERFORMANCE AGAINST ISO 22301 |
| GS ISI 002 : 1.2.1 | INFORMATION SECURITY INDICATORS (ISI); EVENT MODEL A SECURITY EVENT CLASSIFICATION MODEL AND TAXONOMY |
| ISO/IEC 27018:2014 | Information technology Security techniques Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| UNI/TR 11465-2 : 2012 | ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI) - DATA PRESERVATION SYSTEMS SECURITY - PART 2: GUIDELINES FOR ASSESSORS |
| I.S. EN ISO/IEC 27001:2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO/IEC 27001:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
| PREN 9115 : 200P1 | QUALITY MANAGEMENT SYSTEMS - REQUIREMENTS FOR AVIATION, SPACE AND DEFENSE ORGANIZATIONS - DELIVERABLE SOFTWARE (SUPPLEMENT TO EN 9100) |
| I.S. EN 16495:2014 | AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| IEEE 11073-00103-2012 | Health informatics - Personal health device communication Part 00103: Overview |
| IEEE/ISO/IEC 15026-1-2014 | IEEE Standard Adoption of ISO/IEC 15026-1--Systems and Software Engineering--Systems and Software Assurance--Part 1: Concepts and Vocabulary |
| I.S. EN ISO 9004:2009 | QUALITY MANAGEMENT - QUALITY OF AN ORGANIZATION - GUIDANCE TO ACHIEVE SUSTAINED SUCCESS (ISO 9004:2018) |
| ISO/IEC 29151:2017 | Information technology — Security techniques — Code of practice for personally identifiable information protection |
| ISO 9004:2018 | Quality management — Quality of an organization — Guidance to achieve sustained success |
| S.R. CEN/TS 16850:2015 | SOCIETAL AND CITIZEN SECURITY - GUIDANCE FOR MANAGING SECURITY IN HEALTHCARE FACILITIES |
| I.S. EN ISO/IEC 27040:2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015) |
| S.R. CEN/TS 17159:2018 | SOCIETAL AND CITIZEN SECURITY - GUIDANCE FOR THE SECURITY OF HAZARDOUS MATERIALS (CBRNE) IN HEALTHCARE FACILITIES |
| S.R. CWA 16036:2009 | CYBER-IDENTITY - UNIQUE IDENTIFICATION SYSTEMS FOR ORGANIZATIONS AND PARTS THEREOF |
| INCITS/ISO/IEC 27001 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| ISO/TR 18638:2017 | Health informatics Guidance on health information privacy education in healthcare organizations |
| I.S. EN ISO 22600-2:2014 | HEALTH INFORMATICS - PRIVILEGE MANAGEMENT AND ACCESS CONTROL - PART 2: FORMAL MODELS (ISO 22600-2:2014) |
| ABS 0251 : 2016 | CYBERSECURITY IMPLEMENTATION FOR THE MARINE AND OFFSHORE INDUSTRIES - CYBERSAFETY[TM] VOLUME 2 |
| ISO/IEC 17789:2014 | Information technology — Cloud computing — Reference architecture |
| UNE-EN ISO 19011:2012 | Guidelines for auditing management systems (ISO 19011:2011) |
| ISO/TS 17975:2015 | Health informatics — Principles and data requirements for consent in the Collection, Use or Disclosure of personal health information |
| ISO/IEC 15944-8:2012 | Information technology — Business operational view — Part 8: Identification of privacy protection requirements as external constraints on business transactions |
| ISO/IEC TR 27019:2013 | Information technology Security techniques Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry |
| ISO 22313:2012 | Societal security Business continuity management systems Guidance |
| EN 61069-5:2016 | Industrial-process measurement, control and automation - Evaluation of system properties for the purpose of system assessment - Part 5: Assessment of system dependability |
| CEN/TS 16439:2013 | Electronic fee collection - Security framework |
| UNE-ISO 22313:2013 | Societal security.Business continuity management systems. Guidance |
| CEN/TR 16742:2014 | Intelligent transport systems - Privacy aspects in ITS standards and systems in Europe |
| CAN/CSA-ISO/IEC 27011:18 | Information technology ? Security techniques ? Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations (Adopted ISO/IEC 27011:2016, second edition, 2016-12-01) |
| CAN/CSA-ISO/IEC 27035-2:18 | Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2016, first edition, 2016-11-01) |
| CAN/CSA-ISO/IEC 19086-1:18 | Information technology — Cloud computing — Service level agreement (SLA) framework — Part 1: Overview and concepts (Adopted ISO/IEC 19086-1:2016, first edition, 2016-09-15) |
| CAN/CSA-ISO/CEI 27001:14 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| INCITS/ISO/IEC 27036-1:2014(2019) | Information technology -- Security techniques -- Information security for supplier relationships -- Part 1: Overview and concepts |
| INCITS/ISO/IEC 27035-1:2016(2019) | Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management |
| IINCITS/ISO/IEC 27007 : 2017(2019) | Information technology — Security techniques — Guidelines for information security management systems auditing |
| INCITS/ISO/IEC 27035-2:2016(2019) | Information technology -- Security techniques -- Information security incident management -- Part 2: Guidelines to plan and prepare for incident response<br> |
| CAN/CSA-ISO/IEC 24760-3:18 | Information technology — Security techniques — A framework for identity management — Part 3: Practice (Adopted ISO/IEC 24760-3:2016, first edition, 2016-08-01) |
| INCITS/ISO/IEC 27033-4:2014(R2023) | Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways |
| CAN/CSA-ISO/IEC 30100-2:18 | Information technology — Home network resource management — Part 2: Architecture (Adopted ISO/IEC 30100-2:2016, first edition, 2016-04) |
| CAN/CSA-ISO/IEC 27035-1:18 | Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management (Adopted ISO/IEC 27035-1:2016, first edition, 2016-11-01) |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 27035:2011 | Information technology Security techniques Information security incident management |
| ISO/IEC 11770-2:2008 | Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques |
| ISO 31000:2009 | Risk management Principles and guidelines |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| ISO 22301:2012 | Societal security Business continuity management systems Requirements |
| ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
| ISO/IEC 27033-1:2015 | Information technology Security techniques Network security Part 1: Overview and concepts |
| ISO/IEC 27033-5:2013 | Information technology — Security techniques — Network security — Part 5: Securing communications across networks using Virtual Private Networks (VPNs) |
| ISO/IEC 20000-1:2011 | Information technology Service management Part 1: Service management system requirements |
| ISO/IEC 27036-3:2013 | Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security |
| ISO/IEC 20000-2:2012 | Information technology Service management Part 2: Guidance on the application of service management systems |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| AS ISO/IEC 17789:2020 | Information technology - Cloud computing - Reference architecture |
| SA/SNZ TR ISO/IEC 38505.2:2019 | Information technology - Governance of IT - Governance of data Implications of ISO/IEC 38505-1 for data management |
| ISO/IEC 29101:2013 | Information technology Security techniques Privacy architecture framework |
| ISO/IEC 27033-4:2014 | Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways |
| ISO/IEC 27036-1:2014 | Information technology Security techniques Information security for supplier relationships Part 1: Overview and concepts |
| ISO/IEC 27036-2:2014 | Information technology Security techniques Information security for supplier relationships Part 2: Requirements |
| ISO/IEC TR 27008:2011 | Information technology Security techniques Guidelines for auditors on information security controls |
| ISO/IEC 27007:2017 | Information technology Security techniques Guidelines for information security management systems auditing |
| ISO/IEC 27033-3:2010 | Information technology — Security techniques — Network security — Part 3: Reference networking scenarios — Threats, design techniques and control issues |
| ISO/IEC 27033-2:2012 | Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security |
| ISO 22313:2012 | Societal security Business continuity management systems Guidance |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
| ISO/IEC 11770-1:2010 | Information technology Security techniques Key management Part 1: Framework |
| ISO 15489-1:2016 | Information and documentation Records management Part 1: Concepts and principles |
| AS ISO 22313:2020 | Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 |
| ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
| ISO/IEC 29100:2011 | Information technology — Security techniques — Privacy framework |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.