PD ISO/IEC TR 27016:2014
Current
The latest, up-to-date edition.
Information technology. Security techniques. Information security management. Organizational economics
Hardcopy, PDF
English
28-02-2014
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Structure of this Document
6 Information Security Economic Factors
7 Economic Objectives
8 Balancing Information Security Economics for ISM
Annex A (informative) - Identification of Stakeholders and Objectives for Setting Values
Annex B (informative) - Economic Decisions and Key Cost Decision Factors
Annex C (informative) - Economic Models Appropriate for Information Security
Annex D (informative) - Business Cases Calculation Examples
Bibliography
Gives guidelines on how an organization can make decisions to protect information and understand the economic consequences of these decisions in the context of competing requirements for resources.
Committee | IST/33/1 |
Document Type | Standard |
Pages | 42 |
Publisher Name | British Standards Institution |
Status | Current |
This Technical Report provides guidelines on how an organization can make decisions to protect information and understand the economic consequences of these decisions in the context of competing requirements for resources.
This Technical Report is applicable to all types and sizes of organizations and provides information to enable economic decisions in information security management by top management who have responsibility for information security decisions.
Standards | Relationship |
ISO/IEC TR 27016:2014 | Identical |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
ISO 31000:2009 | Risk management — Principles and guidelines |
ISO/IEC 27006:2015 | Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems |
ISO/IEC 27014:2013 | Information technology — Security techniques — Governance of information security |
ISO/IEC 27002:2013 | Information technology — Security techniques — Code of practice for information security controls |
ISO/IEC 27005:2011 | Information technology — Security techniques — Information security risk management |
ISO/IEC 27007:2017 | Information technology — Security techniques — Guidelines for information security management systems auditing |
ISO/IEC 27000:2016 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |