Information Security Standards
ISO 27000:2016
Information Technology – Security Techniques – Information Security Management Systems – Overview and Vocabulary
ISO 27001:2013
Information technology – Security techniques – Information security management systems – Requirements
ISO 27002:2013
Information Technology – Security Techniques – Code of Practice for Information Security Controls
ISO 27003:2010
Information Technology – Security Techniques – Information Security Management Systems Implementation Guidance
ISO 27004:2016
Information technology – Security techniques – Information security management – Monitoring, measurement, analysis, and evaluation
ISO 27005:2011
Information technology – Security techniques – Information security risk management
ISO 27011:2016
Information technology – Security techniques – Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations
ISO 27013:2015
Information technology – Security techniques – Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000
ISO 27014:2013
Information technology – Security techniques – Governance of information security
ISO 27017:2015
Information technology – Security techniques – Code of practice for information security controls based on ISO 27002 for cloud services.
ISO 27018:2014
Information technology – Security techniques – Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
ISO 27031:2011
Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity
ISO 27035:2016
Information technology – Security techniques – Information security incident management – Part 1: Principles of incident management
IT Service Management Standards
ISO 20000-1:2011
Information technology – Service management – Part 1: Service management system requirements
ISO 20000-2:2012
Information technology – Service management – Part 2: Guidance on the application of service management systems
ISO 20000-3:2012
Information technology – Service management – Part 3: Guidance on scope definition and applicability of ISO/IEC 20000-1
ISO 20000-4:2010
Information technology – Service management – Part 4: Process reference model
Network Security Standards
ISO 27033-1:2015
Information technology – Security techniques – Network security – Part 1: Overview and concepts
ISO 27033-2:2012
Information technology – Security techniques – Network security – Part 2: Guidelines for the design and implementation of network security
ISO 27033-3:2010
Information security – Security techniques – Network security – Part 3: Reference networking scenarios – Threats, design techniques and control issues
ISO 27033-4:2014
Information technology – Security techniques – Network security – Part 4: Securing communications between networks using security gateways
ISO 27033-5:2013
Information technology – Security techniques – Network security – Part 5: Securing communications across networks using Virtual Private Networks (VPNs).
ISO 27034-1:2011
Information technology – Security techniques – Application security – Part 1: Overview and concepts.
ISO 27034-2:2015
Information technology – Security techniques – Application security – Part 2: Organization normative framework for application security
Business Continuity Standards
ISO 22301:2019
First of a series of ISO standards and Technical Specifications on Business continuity management
ISO 22313:2020
Security and resilience – Business continuity management systems – Guidance on the use of ISO 22301
ISO 22317:2021
Security and resilience – Business continuity management systems – Guidelines for business impact analysis
ISO 22318:2021
Security and resilience – Business continuity management systems – Guidelines for supply chain continuity
ISO 22330:2018
Security and resilience – Business continuity management systems – Guidelines for people aspects of business continuity
ISO 22331:2018
Security and resilience – Business continuity management systems – Guidelines for business continuity strategy
ISO 22332:2021
Security and resilience – Business continuity management systems – Guidelines for developing business continuity plans and procedures
Risk Management Standards
ISO 31000:2009
Risk management – Principles and guidelines
BS 31100:2011
Risk management – Code of practice and guidance for the implementation of BS ISO 31000
Organizational Resilience & Crisis Management Standards
BS 11200:2014
BS 65000:2014
(being updated for release 2022)
ISO 22361 & ISO 22336
(both under development)
Other Relevant Standards
NIST SP 800-34 – 2021 (last verified and updated)
NIST Cybersecurity Framework
ASIS SPC. 1:2009
AE/SCNS/NCEMA 7000:2021
34 ITIL4 practices
Grouped into three categories: General management practices, Service management practices, Technical management practices