iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
CEN

EN ISO/IEC 27007:2022

(Main)

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011.
ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

Informationssicherheit, Cybersicherheit und Datenschutz - Leitfaden für das Auditieren von Informationssicherheitsmanagementsystemen (ISO/IEC 27007:2020)

Zusätzlich zur in ISO 19011 enthaltenen Anleitung enthält dieses Dokument eine Anleitung zum Management eines Auditprogramms für Informationssicherheitsmanagementsysteme (ISMS), zur Durchführung von Audits und zur Kompetenz von ISMS-Auditoren.
Dieses Dokument ist anzuwenden für alle, die sich mit internen oder externen Audits eines ISMS vertraut machen oder diese durchführen müssen oder ein ISMS-Auditprogramm steuern müssen.

Sécurité de l'information, cybersécurité et protection des données privées - Lignes directrices pour l'audit des systèmes de management de la sécurité de l'information (ISO/IEC 27007:2020)

Informacijska varnost, kibernetska varnost in varovanje zasebnosti - Smernice za presojanje sistemov upravljanja informacijske varnosti (ISO/IEC 27007:2020)

Standard ISO/IEC 27007 zagotavlja smernice za upravljanje programa presojanja sistemov upravljanja informacijske varnosti (ISMS), izvajanje presoj in določanje pristojnosti presojevalcev sistemov upravljanja informacijske varnosti, ki se uporabljajo poleg smernic iz standarda ISO 19011:2011.
Standard ISO/IEC 27007 se uporablja za tiste, ki morajo razumeti ali izvajati notranje ali zunanje presoje sistemov upravljanja informacijske varnosti ali upravljati program presojanja sistemov upravljanja informacijske varnosti.

General Information

Status
Published
Publication Date
11-Jan-2022
Withdrawal Date
30-Jul-2022
ICS
03.100.70 - Management systems
03.120.20 - Product and company certification. Conformity assessment
35.030 - IT Security
Technical Committee
CEN/CLC/TC 13 - Cybersecurity and Data Protection
Drafting Committee
CEN/CLC/TC 13 - Cybersecurity and Data Protection
Current Stage
6060 - Definitive text made available (DAV) - Publishing
Start Date
12-Jan-2022
Due Date
17-Jan-2023
Completion Date
12-Jan-2022
Ref Project
SIST EN ISO/IEC 27007:2022 - Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

Buy Standard

EN ISO/IEC 27007:2022EN ISO/IEC 27007:2022
PreviousNext
Standard
EN ISO/IEC 27007:2022
English language
48 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN ISO/IEC 27007:2022
01-april-2022
Informacijska varnost, kibernetska varnost in varovanje zasebnosti - Smernice za
presojanje sistemov upravljanja informacijske varnosti (ISO/IEC 27007:2020)
Information security, cybersecurity and privacy protection - Guidelines for information
security management systems auditing (ISO/IEC 27007:2020)
Informationstechnik - Sicherheitsverfahren - Leitfäden für das Auditieren von
Informationssicherheitsmanagementsystemen (ISO/IEC 27007:2020)
Sécurité de l'information, cybersécurité et protection des données privées - Lignes
directrices pour l'audit des systèmes de management de la sécurité de l'information
(ISO/IEC 27007:2020)
Ta slovenski standard je istoveten z: EN ISO/IEC 27007:2022
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.20 Certificiranje proizvodov in Product and company
podjetij. Ugotavljanje certification. Conformity
skladnosti assessment
35.030 Informacijska varnost IT Security
SIST EN ISO/IEC 27007:2022 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN ISO/IEC 27007:2022

---------------------- Page: 2 ----------------------
SIST EN ISO/IEC 27007:2022


EUROPEAN STANDARD EN ISO/IEC 27007

NORME EUROPÉENNE

EUROPÄISCHE NORM
January 2022
ICS 03.120.20; 35.030

English version

Information security, cybersecurity and privacy protection
- Guidelines for information security management systems
auditing (ISO/IEC 27007:2020)
Sécurité de l'information, cybersécurité et protection Informationstechnik - Sicherheitsverfahren - Leitfäden
des données privées - Lignes directrices pour l'audit für das Auditieren von
des systèmes de management de la sécurité de Informationssicherheitsmanagementsystemen
l'information (ISO/IEC 27007:2020) (ISO/IEC 27007:2020)
This European Standard was approved by CEN on 26 December 2021.

This European Standard was corrected and reissued by the CEN-CENELEC Management Centre on 26 January 2022.

CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for
giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical
references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to
any CEN and CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other language made by
translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC
Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.


















CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2022 CEN/CENELEC All rights of exploitation in any form and by any means Ref. No. EN ISO/IEC 27007:2022 E
reserved worldwide for CEN national Members and for
CENELEC Members.

---------------------- Page: 3 ----------------------
SIST EN ISO/IEC 27007:2022
EN ISO/IEC 27007:2022 (E)
Contents Page
European foreword . 3

2

---------------------- Page: 4 ----------------------
SIST EN ISO/IEC 27007:2022
EN ISO/IEC 27007:2022 (E)
European foreword
The text of ISO/IEC 27007:2020 has been prepared by Technical Committee ISO/IEC JTC 1 "Information
technology” of the International Organization for Standardization (ISO) and has been taken over as
EN ISO/IEC 27007:2022 by Technical Committee CEN-CENELEC/ JTC 13 “Cybersecurity and Data
Protection” the secretariat of which is held by DIN.
This European Standard shall be given the status of a national standard, either by publication of an
identical text or by endorsement, at the latest by July 2022, and conflicting national standards shall be
withdrawn at the latest by July 2022.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN-CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards body.
A complete listing of these bodies can be found on the CEN and CENELEC websites.
According to the CEN-CEN
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 22435:2024(Main)
Gas cylinders - Cylinder valves with integrated pressure regulators - Specification and type testing (ISO 22435:2024)
kSIST FprEN ISO 22435:2024

This document specifies design, type test methods, marking and instruction requirements for cylinder valves with integrated pressure regulators (VIPRs) intended to be fitted to gas cylinders, pressure drums or tubes or used as a main valve for bundles of cylinders that convey compressed, liquefied or dissolved gases.
These are requirements for VIPRs that are in addition to those given in the relevant closure standard, for example, in ISO 10297 for cylinder valves, in ISO 17871 for quick-release cylinder valves, in ISO 17879 for self-closing cylinder valves or in ISO 23826 for ball valves. For ISO 17871, these requirements are only applicable to quick-release cylinder valves types B, C, D and E.
NOTE 1        If the pressure regulating system of a VIPR is acting as the primary valve operating mechanism, it is covered by the relevant closure standard, e.g. ISO 10297, ISO 17871, ISO 17879 and ISO 23826. This also includes designs where closure of the primary valve operating mechanism of a VIPR is obtained by closing the seat of the pressure regulating system.
NOTE 2        If the primary valve operating mechanism of a VIPR is located at the low-pressure side of the pressure regulating system, it is covered by the relevant closure standard, e.g. ISO 10297, ISO 17871, ISO 17879 and ISO 23826.
NOTE 3        The term “pressure receptacle” is used within this document to cover instances where no differentiation is necessary between gas cylinders, bundles of cylinders, pressure drums and tubes.
This document does not apply to VIPRs for
a)       medical applications (see ISO 10524-3);
b)       liquefied petroleum gas (LPG);
c)        cryogenic applications.
NOTE 4        Additional requirements for a VIPR with a residual pressure device (RPD) are specified in ISO 15996.
NOTE 5        Additional requirements for pressure relief valves can exist in international/regional regulations/ standards.

  • Draft
    39 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 17015-1:2024(Main)
Electronic Public Procurement - Catalogue - Part 1: Choreographies
kSIST FprEN 17015-1:2024

The purpose of this deliverable is to specify and describe choreographies for exchanging an electronic product catalogue (“catalogues”) as part of the business processes in the pre-award and post-award area, so that catalogues can serve as a basis for placing orders as well as evaluating tenders. The key aspects covered by this choreography specification are:
-   processes for submitting catalogues from the selling to the buying side;
-   processes for submitting catalogue-related data as part of a tendering process;
-   processes integrating sell-side procurement systems.
This document does not apply to the transactions used in the specified choreographies. These transactions are specified in EN 17015 2. The relationship between the choreographies and the transaction is described in Clause 8.
The identifier of this choreographies document is EN 17015 1:2024.
How to claim compliance to this choreography is specified in 6.2.3.

  • Draft
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO/ASTM 52927:2024(Main)
Additive manufacturing - General principles - Main characteristics and corresponding test methods (ISO/ASTM 52927:2024)
kSIST FprEN ISO/ASTM 52927:2024

This document specifies the principal requirements applied to the testing of parts produced by additive manufacturing processes.
This document
—     identifies quality characteristics for feedstock and parts and the corresponding test procedures,
—     provides the specific procedures to build specimens using additive manufacturing process, and
—     recommends the scope and content of test and supply agreements.
This document is aimed at machine manufacturers, feedstock suppliers, AM system users, part providers, and customers to facilitate the communication on main quality characteristics. It applies wherever additive manufacturing processes are used.
NOTE            It is the intent to include, in future versions of this document, other characteristics such as thermal properties, electrical requirements and physical and physico-chemical properties based upon material types.

  • Draft
    28 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 8362-2:2024(Main)
Injection containers and accessories - Part 2: Closures for injection vials (ISO 8362-2:2024)
SIST EN ISO 8362-2:2024

This document specifies the shape, dimensions, material, performance requirements and labelling of closures for injection vials covered by ISO 8362-1 and ISO 8362-4.
The dimensional requirements are not applicable to barrier-coated closures.
Closures specified in this document are intended for single use only.
NOTE            The potency, purity, stability and safety of a medicinal product during its manufacture and storage can strongly be affected by the nature and performance of the primary packaging.

  • Draft
    10 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 16739-1:2024(Main)
Industry Foundation Classes (IFC) for data sharing in the construction and facility management industries - Part 1: Data schema (ISO 16739-1:2024)
kSIST FprEN ISO 16739-1:2024

This document represents an open international standard for information used in Building Information Modeling (BIM) that is exchanged and shared among software applications used by the various participants in the construction or facility management industry sector. This document includes definitions that cover information required for buildings and infrastructure works over their life cycle. This edition of the document added coverage of information required for infrastructure facilities including bridges, roads, railways, waterways and port facilities.
This document comprises the publication of a data schema, its documentation, the property and quantity set definitions and the mechanism of an exchange file format structure.
Definitions from this document are used to support different recognized work flows in the construction and facility management industry sector, representing information deliveries. Such information deliveries can be described according to ISO 29481.
Different implementation levels of this document can be defined to better support multiple information deliveries, they are referred to as a Model View Definition (MVD). Each MVD identifies which subset of the definitions of this document imposes requirements for implementation in software applications. Conforming software applications need to identify the model view definition they conform to when applying for software certification.
The following are within the scope of this edition of this document:
BIM exchange format definitions that are required during the life cycle phases of buildings and infrastructure:
demonstrating the need;
conception of need;
outline feasibility;
substantive feasibility study and outline financial authority;
outline conceptual design;
full conceptual design;
coordinated design;
procurement and full financial authority;
production information;
construction;
operation and maintenance.
BIM exchange format definitions that are required by the various disciplines involved within the life cycle phases:
architecture and civil engineering design;
service and utilities engineering;
structural engineering;
procurement;
construction planning;
facility and utility management;
project management;
client requirement management;
industry authorities for permits and approval.
BIM exchange format definitions including:
project structure;
physical components;
spatial components;
analysis items;
processes;
resources;
controls;
actors;
context definition.

  • Draft
    406 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 2620:2024(Main)
Analysis of natural gas - Biomethane - Determination of VOCs by thermal desorption gas chromatography with flame ionization and/or mass spectrometry detectors (ISO 2620:2024)
kSIST FprEN ISO 2620:2024

This document describes a method for sampling and analysis of volatile organic compounds (VOCs), including siloxanes, terpenes, organic sulfur compounds, in natural gas and biomethane matrices, using thermal desorption gas chromatography with flame ionization and/or mass spectrometry detectors (TD-GC-FID/MS).

  • Draft
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 4126-10:2024(Main)
Safety devices for protection against excessive pressure - Part 10: Sizing of safety valves and bursting discs for gas/liquid two-phase flow (ISO 4126-10:2024)
kSIST FprEN ISO 4126-10:2023

This document specifies the sizing of safety valves and bursting discs for gas/liquid two-phase flow in pressurized systems such as reactors, storage tanks, columns, heat exchangers, piping systems or transportation tanks/containers, see Figure 2. The possible fluid states at the safety device inlet that can result in two-phase flow are given in Table 1.
NOTE          The pressures used in this document are absolute pressures, not gauge pressures.

  • Draft
    84 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 17294-1:2024(Main)
Water quality - Application of inductively coupled plasma mass spectrometry (ICP-MS) - Part 1: General requirements (ISO 17294-1:2024)
kSIST FprEN ISO 17294-1:2023

This document specifies the principles of inductively coupled plasma mass spectrometry (ICP-MS) and provides general requirements for the use of this technique to determine elements in water, digests of sludges and sediments (e.g. digests of water as described in ISO 15587-1 or ISO 15587-2). Generally, the measurement is carried out in water, but gases, vapours or fine particulate matter can be introduced too. This document applies to the use of ICP-MS for aqueous solution analysis.
The ultimate determination of the elements is described in a separate International Standard for each series of elements and matrix. The individual clauses of this document refer the user to these guidelines for the basic principles of the method and the configuration of the instrument.

  • Draft
    43 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 17016-1:2024(Main)
Electronic Public Procurement - Ordering - Part 1: Choreographies
kSIST prEN 17016-1:2024

This choreographies document specify ordering between Buyer and Seller where the Buyer wants to reach an agreement with the Seller about an order. It specifies a series of activities that govern communication between the parties and refers to the specifications where information and rules that apply are specified.
The various possible behaviours of the Seller and Buyer subsequent to the first order communication are conveyed by variants of this choreography that are specified in 5.2.
Previous activities (e.g. cataloguing) and subsequent activities (e.g. invoicing) are outside the scope of this document. If performed electronically, their implementation is covered by other choreographies.
The identifier of this choreographies document is EN 17016-1:2024.
How to claim compliance to this choreography is specified in 5.2.3.

  • Draft
    74 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 7029:2017/A1:2024(Amendment)
Acoustics - Statistical distribution of hearing thresholds related to age and gender - Amendment 1: Correction of parameter values for estimating the hearing threshold distribution (ISO 7029:2017/Amd 1:2024)
SIST EN ISO 7029:2017/oprA1:2023
  • Draft
    6 pages
    English language
    sale 10% off
    e-Library read for
    1 day