Here you will find all norms and standards, listed in order.
-
ISO 27004 – Monitoring, measurement, analysis and evaluation
Description: ISO/IEC 27004:2016 provides guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information technology — Security techniques — Information security management — Monitoring, measurement,…
-
ISO 27005 – Guidance on managing information security risks
Description: This document provides guidelines for information security risk management.
Further links: The document can be purchased here.
Keywords: Information technology — Security techniques — Information security risk management
Status: Under revision: as of 2022
-
ISO 27006 – Requirements for bodies providing audit and certification of information security management systems
Description: ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
Source: ISO.org
Further links: The document can be purchased here…
-
ISO 27007 – Guidelines for information security management systems auditing
Description: This document provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information security, cybersecurity and privacy protection — Guidelines for information security…
-
ISO 27008 – Guidelines for Auditors
Description: This document provides guidance on reviewing and assessing the implementation and operation of information security controls, including the technical assessment of information system controls, in compliance with an organization’s established information security requirements including technical compliance against assessment criteria based on the information security requirements established by the organization.
Source: ISO.org
Further links: The document…
-
ISO 27010 – Information security management for inter-sector and inter-organizational communications
Description: This International Standard provides controls and guidance specifically relating to initiating, implementing, maintaining, and improving information security in inter-organizational and inter-sector communications. It provides guidelines and general principles on how the specified requirements can be met using established messaging and other technical methods.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information…
-
ISO 27011 – ISM Telecommunication Guidelines
Description: The scope of this Recommendation | ISO/IEC 27011:2016 is to define guidelines supporting the implementation of information security controls in telecommunications organizations.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information technology — Security techniques — telecommunications organizations — ISM Telecommunication Guidelines
Status: Under revision: as of 2020
-
ISO 27013 – Guidance on the integrated implementation
Description: This document focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information security, cybersecurity and privacy protection — Guidance on the integrated implementation
Status: Current: as of…
-
ISO 27014 – Governance of information security
Description: This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.
Source: ISO.org
Further links: The document can be purchased here.
Keywords: Information security, cybersecurity and privacy protection — Governance of information security
Status: Current:…
-
ISO 27015 – ISM guidelines for financial services
Description: ISO/IEC TR 27015:2012 provides information security guidance complementing and in addition to information security controls defined in ISO/IEC 27002:2005 for initiating, implementing, maintaining, and improving information security within organizations providing financial services.
Source: ISO.org
Further links: Further information can be found here. The document has already been withdrawn, but can still be purchased here.
Keywords: ISM…