Here you will find all norms and standards, listed in order.

  • ISO 27016 – ISM organizational economics

    Description: ISO/IEC TR 27016:2014 provides guidelines on how an organization can make decisions to protect information and understand the economic consequences of these decisions in the context of competing requirements for resources. (Source: ISO.org)
    Further links: The document can be purchased here.
    Keywords: ISM organizational economics
    Status: Current (as of 2014)


  • ISO 27017 – Code of practice for IS control for cloud services

    Description: ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services. (Source: ISO.org)
    Further links: The document can be purchased here.
    Keywords: Code of practice for IS control for cloud services
    Status: Current (as of 2021)


  • ISO 27018 – Protection of PII in public clouds

    Description: This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. (Source: ISO.org)
    Further links: The document can be purchased here.
    Keywords: Protection of PII in public clouds
    Status: Current (as of 2019)


  • ISO 27019 – ISM guidelines for energy utility industry

    Description: ISO/IEC 27019:2017 provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes. (Source: ISO.org)
    Further links: Further information and the purchase…


  • ISO 27031 – Guidelines for information and communication technology readiness for business continuity

    Description: ISO/IEC 27031:2011 describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization’s ICT readiness to ensure business continuity. It applies to any organization (private,…


  • ISO 27032 – Guidelines for Internet Security

    Description: ISO/IEC 27032 provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity and its dependencies on other security domains, in particular.
    Further links: The document can be purchased here.
    Keywords: Information technology — Security techniques — Guidelines for cybersecurity
    Status: Under revision (as of 2023)


  • ISO 27033-1 – Network security

    Description: ISO/IEC 27033-1:2015 provides an overview of network security and related definitions. It defines and describes the concepts associated with, and provides management guidance on, network security. (Network security applies to the security of devices, security of management activities related to the devices, applications/services, and end-users, in addition to security of the information being transferred…


  • ISO 27034-1 – Application security

    Description: ISO/IEC 27034 provides guidance to assist organizations in integrating security into the processes used for managing their applications. (Source: ISO.org)
    Further links: The document can be purchased here.
    Keywords: Security techniques — Application security
    Status: Current (as of 2017)


  • ISO 27036-1 – Cybersecurity Supplier relationships

    Description: This document provides an overview of the guidance intended to assist organizations in securing their information and information systems within the context of supplier relationships. It also introduces concepts that are described in detail in the other parts of ISO/IEC 27036. This document addresses perspectives of both acquirers and suppliers. (Source: ISO.org)
    Further links: The document…


  • ISO 27038 – Specification for digital redaction

    Description: ISO/IEC 27038:2014 specifies characteristics of techniques for performing digital redaction on digital documents. It also specifies requirements for software redaction tools and methods of testing that digital redaction has been securely completed. (Source: ISO.org)
    Further links: The document can be purchased here.
    Keywords: Information technology — Security techniques — Specification for digital redaction
    Status: Current:…