iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty!
CEN

prEN ISO 27007

(Main)

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011.
ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

Informationstechnik - Sicherheitsverfahren - Leitfäden für das Auditieren von Informationssicherheitsmanagementsystemen (ISO/IEC 27007:2020)

Zusätzlich zu dem in ISO 19011 enthaltenen Leitfaden enthält dieses Dokument Leitfäden zum Management eines Auditprogramms für Informationssicherheitsmanagementsysteme (ISMS), zur Durchführung von Audits und zur Kompetenz von ISMS-Auditoren.
Dieses Dokument gilt für alle, die sich mit internen oder externen Audits eines ISMS vertraut machen oder diese durchführen müssen oder ein ISMS-Auditprogramm managen müssen.

Sécurité de l'information, cybersécurité et protection des données privées - Lignes directrices pour l'audit des systèmes de management de la sécurité de l'information (ISO/IEC 27007:2020)

Informacijska varnost, kibernetska varnost in varovanje zasebnosti - Smernice za presojanje sistemov upravljanja informacijske varnosti (ISO/IEC 27007:2020)

General Information

Status
Not Published
ICS
03.100.70 - Management systems
03.120.20 - Product and company certification. Conformity assessment
35.030 - IT Security
Technical Committee
CEN/CLC/TC 13 - Cybersecurity and Data Protection
Current Stage
4060 - Closure of enquiry - Enquiry
Due Date
25-Nov-2021
Completion Date
25-Nov-2021
Ref Project
oSIST prEN ISO 27007:2021 - Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)

Buy Standard

prEN ISO 27007:2021prEN ISO 27007:2021
PreviousNext
Draft
prEN ISO 27007:2021
English language
45 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (sample)

SLOVENSKI STANDARD
oSIST prEN ISO 27007:2021
01-november-2021
Informacijska varnost, kibernetska varnost in varovanje zasebnosti - Smernice za
presojanje sistemov upravljanja informacijske varnosti (ISO/IEC 27007:2020)

Information security, cybersecurity and privacy protection - Guidelines for information

security management systems auditing (ISO/IEC 27007:2020)
Informationstechnik - Sicherheitsverfahren - Leitfäden für das Auditieren von
Informationssicherheitsmanagementsystemen (ISO/IEC 27007:2020)

Sécurité de l'information, cybersécurité et protection des données privées - Lignes

directrices pour l'audit des systèmes de management de la sécurité de l'information

(ISO/IEC 27007:2020)
Ta slovenski standard je istoveten z: prEN ISO 27007
ICS:
03.100.70 Sistemi vodenja Management systems
03.120.20 Certificiranje proizvodov in Product and company
podjetij. Ugotavljanje certification. Conformity
skladnosti assessment
35.030 Informacijska varnost IT Security
oSIST prEN ISO 27007:2021 en,fr,de

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
oSIST prEN ISO 27007:2021
---------------------- Page: 2 ----------------------
oSIST prEN ISO 27007:2021
INTERNATIONAL ISO/IEC
STANDARD 27007
Third edition
2020-01
Information security, cybersecurity
and privacy protection — Guidelines
for information security management
systems auditing
Sécurité de l'information, cybersécurité et protection des données
privées — Lignes directrices pour l'audit des systèmes de
management de la sécurité de l'information
Reference number
ISO/IEC 27007:2020(E)
ISO/IEC 2020
---------------------- Page: 3 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may

be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting

on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address

below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO/IEC 2020 – All rights reserved
---------------------- Page: 4 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
Contents Page

Foreword ..........................................................................................................................................................................................................................................v

Introduction ................................................................................................................................................................................................................................vi

1 Scope ................................................................................................................................................................................................................................. 1

2 Normative references ...................................................................................................................................................................................... 1

3 Terms and definitions ..................................................................................................................................................................................... 1

4 Principles of auditing ...................................................................................................................................................................................... 1

5 Managing an audit programme ............................................................................................................................................................. 1

5.1 General ........................................................................................................................................................................................................... 1

5.2 Establishing audit programme objectives ....................................................................................................................... 1

5.3 Determining and evaluating audit programme risks and opportunities .............................................. 2

5.4 Establishing audit programme .................................................................................................................................................. 2

5.4.1 Roles and responsibilities of the individual(s) managing audit programme .............. 2

5.4.2 Competence of individual(s) managing audit programme ......................................................... 2

5.4.3 Establishing extent of the audit programme ........................................................................................... 2

5.4.4 Determining audit programme resources ................................................................................................. 3

5.5 Implementing audit programme ............................................................................................................................................. 3

5.5.1 General...................................................................................................................................................................................... 3

5.5.2 Defining the objectives, scope and criteria for an individual audit ...................................... 3

5.5.3 Selecting and determining audit methods ................................................................................................. 4

5.5.4 Selecting audit team members ............................................................................................................................ 4

5.5.5 Assigning responsibility for an individual audit to the audit team leader..................... 4

5.5.6 Managing audit programme results ................................................................................................................ 4

5.5.7 Managing and maintaining audit programme records ................................................................... 4

5.6 Monitoring audit programme .................................................................................................................................................... 5

5.7 Reviewing and improving audit programme ................................................................................................................ 5

6 Conducting an audit .......................................................................................................................................................................................... 5

6.1 General ........................................................................................................................................................................................................... 5

6.2 Initiating audit ......................................................................................................................................................................................... 5

6.2.1 General...................................................................................................................................................................................... 5

6.2.2 Establishing contact with auditee ..................................................................................................................... 5

6.2.3 Determining feasibility of audit .......................................................................................................................... 5

6.3 Preparing audit activities ............................................................................................................................................................... 5

6.3.1 Performing review of documented information................................................................................... 5

6.3.2 Audit planning .................. .................................................... .............................................................................................. 5

6.3.3 Assigning work to audit team ............................................................................................................................... 6

6.3.4 Preparing documented information for audit ........................................................................................ 6

6.4 Conducting audit activities ........................................................................................................................................................... 6

6.4.1 General...................................................................................................................................................................................... 6

6.4.2 Assigning roles and responsibilities of guides and observers .................................................. 6

6.4.3 Conducting opening meeting ................................................................................................................................ 6

6.4.4 Communicating during audit ................................................................................................................................ 6

6.4.5 Audit information availability and access .................................................................................................. 6

6.4.6 Reviewing document information while conducting audit ......................................................... 6

6.4.7 Collecting and verifying information ............................................................................................................. 7

6.4.8 Generating audit findings ......................................................................................................................................... 7

6.4.9 Determining audit conclusions ........................................................................................................................... 7

6.4.10 Conducting closing meeting ................................................................................................................................... 7

6.5 Preparing and distributing audit report ........................................................................................................................... 7

6.5.1 Preparing audit report ................................................................................................................................................ 7

6.5.2 Distributing audit report .......................................................................................................................................... 7

6.6 Completing audit ................................................................................................................................................................................... 7

6.7 Conducting audit follow-up.......................................................................................................................................................... 7

© ISO/IEC 2020 – All rights reserved iii
---------------------- Page: 5 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)

7 Competence and evaluation of auditors ....................................................................................................................................... 8

7.1 General ........................................................................................................................................................................................................... 8

7.2 Determining auditor competence ......... .................................................................................................................................. 8

7.2.1 General...................................................................................................................................................................................... 8

7.2.2 Personal behaviour ........................................................................................................................................................ 8

7.2.3 Knowledge and skills ................................................................................................................................................... 8

7.2.4 Achieving auditor competence ............................................................................................................................ 9

7.2.5 Achieving audit team leader competence .................................................................................................. 9

7.3 Establishing auditor evaluation criteria............................................................................................................................ 9

7.4 Selecting appropriate auditor evaluation method ................................................................................................... 9

7.5 Conducting auditor evaluation .................................................................................................................................................. 9

7.6 Maintaining and improving auditor competence...................................................................................................... 9

Annex A (informative) Guidance for ISMS auditing practice ....................................................................................................10

Bibliography .............................................................................................................................................................................................................................39

iv © ISO/IEC 2020 – All rights reserved
---------------------- Page: 6 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical

Commission) form the specialized system for worldwide standardization. National bodies that

are members of ISO or IEC participate in the development of International Standards through

technical committees established by the respective organization to deal with particular fields of

technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other

international organizations, governmental and non-governmental, in liaison with ISO and IEC, also

take part in the work.

The procedures used to develop this document and those intended for its further maintenance are

described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for

the different types of document should be noted. This document was drafted in accordance with the

editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject

of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent

rights. Details of any patent rights identified during the development of the document will be in the

Introduction and/or on the ISO list of patent declarations received (see www .iso .org/ patents) or the IEC

list of patent declarations received (see http:// patents .iec .ch).

Any trade name used in this document is information given for the convenience of users and does not

constitute an endorsement.

For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and

expressions related to conformity assessment, as well as information about ISO's adherence to the

World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www .iso .org/

iso/ foreword .html.

This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,

Subcommittee SC 27, Information security, cybersecurity and privacy protection.

This third edition cancels and replaces the second edition (ISO/IEC 27007:2017), which has been

technically revised.
The main changes compared to the previous edition are as follows:
— the document has been aligned with ISO 19011:2018;
— the Introduction has been reworded and expanded;
— in 5.1, the entire text has been removed;
— in 5.2.2, the former item d) has been removed;
— in 5.3, the entire text has been removed;
— in 5.5.2.2, the former item b) and a paragraph below has been removed;
— in 6.5.2.2, the first paragraph has been removed and the NOTE reworded.

Any feedback or questions on this document should be directed to the user’s national standards body. A

complete listing of these bodies can be found at www .iso .org/ members .html.
© ISO/IEC 2020 – All rights reserved v
---------------------- Page: 7 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
Introduction

An information security management system (ISMS) audit can be conducted against a range of audit

criteria, separately or in combination, including but not limited to:
— requirements defined in ISO/IEC 27001:2013;
— policies and requirements specified by relevant interested parties;
— statutory and regulatory requirements;
— ISMS processes and controls defined by the organization or other parties;

— management system plan(s) relating to the provision of specific outputs of an ISMS (e.g. plans to

address risks and opportunities when establishing ISMS, plans to achieve information security

objectives, risk treatment plans, project plans).

This document provides guidance for all sizes and types of organizations and ISMS audits of varying

scopes and scales, including those conducted by large audit teams, typically of larger organizations, and

those by single auditors, whether in large or small organizations. This guidance should be adapted as

appropriate to the scope, complexity and scale of the ISMS audit programme.

This document concentrates on ISMS internal audits (first party) and ISMS audits conducted by

organizations on their external providers and other external interested parties (second party). This

document can also be useful for ISMS external audits conducted for purposes other than third party

management system certification. ISO/IEC 27006 provides requirements for auditing ISMS for third

party certification; this document can provide useful additional guidance.

This document is to be used in conjunction with the guidance contained in ISO 19011:2018.

This document follows the structure of ISO 19011:2018.

ISO 19011:2018 provides guidance on the management of audit programmes, the conduct of internal or

external audits of management systems, as well as on the competence and evaluation of management

system auditors.

Annex A provides guidance for ISMS auditing practices along with requirements of ISO/IEC 27001:2013,

Clauses 4 to 10.
vi © ISO/IEC 2020 – All rights reserved
---------------------- Page: 8 ----------------------
oSIST prEN ISO 27007:2021
INTERNATIONAL STANDARD ISO/IEC 27007:2020(E)
Information security, cybersecurity and privacy
protection — Guidelines for information security
management systems auditing
1 Scope

This document provides guidance on managing an information security management system (ISMS)

audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the

guidance contained in ISO 19011.

This document is applicable to those needing to understand or conduct internal or external audits of an

ISMS or to manage an ISMS audit programme.
2 Normative references

The following documents are referred to in the text in such a way that some or all of their content

constitutes requirements of this document. For dated references, only the edition cited applies. For

undated references, the latest edition of the referenced document (including any amendments) applies.

ISO 19011:2018, Guidelines for auditing management systems

ISO/IEC 27000:2018, Information technology — Security techniques — Information security management

systems — Overview and vocabulary
3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO 19011 and ISO/IEC 27000 apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
4 Principles of auditing
The principles of auditing of ISO 19011:2018, Clause 4, apply.
5 Managing an audit programme
5.1 General
The guidelines of ISO 19011:2018, 5.1, apply.
5.2 Establishing audit programme objectives

5.2.1 The guidelines of ISO 19011:2018, 5.2, apply. In addition, the guidance in 5.2.2 applies.

© ISO/IEC 2020 – All rights reserved 1
---------------------- Page: 9 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)

5.2.2 ISMS-specific considerations for determining audit programme objectives can include:

a) identified information security requirements;
b) requirements of ISO/IEC 27001;

c) auditee’s level of performance, as reflected in the occurrence of information security events and

incidents and effectiveness of the ISMS;

NOTE Further information about performance monitoring, measurement, analysis and evaluation can

be found in ISO/IEC 27004.

d) information security risks to the relevant parties, i.e. the auditee and audit client.

Examples of ISMS-specific audit programme objectives include:

— demonstrate conformity with all relevant legal and contractual requirements and other requirements

and their security implications;

— obtain and maintain confidence in the risk management capability of the auditee;

— evaluate the effectiveness of the actions to address information security risks and opportunities.

5.3 Determining and evaluating audit programme risks and opportunities
5.3.1 The guidelines of ISO 19011:2018, 5.3, apply.

5.3.2 Measures to ensure information security and confidentiality should be determined considering

auditees and other relevant party requirements. Other party requirements can include relevant legal and

contractual requirements.
5.4 Establishing audit programme
5.4.1 Roles and responsibilities of the individual(s) managing audit programme

The guidelines of ISO 19011:2018, 5.4.1, apply. In addition, the guidance in 5.4.1.2 applies.

5.4.2 Competence of individual(s) managing audit programme
The guidelines of ISO 19011:2018, 5.4.2, apply.
5.4.3 Establishing extent of the audit programme

5.4.3.1 The guidelines of ISO 19011:2018, 5.4.3, apply. In addition, the guidance in 5.4.3.2 applies.

5.4.3.2 The extent of an audit programme can include the following:
a) the size of the ISMS, including:

1) the total number of persons doing work under the organization's control and relationships

with interested parties and contractors that are relevant to the ISMS;
2) the number of information systems;
1) For the purpose of this document, the term “audit“ refers to ISMS audits.
2 © ISO/IEC 2020 – All rights reserved
---------------------- Page: 10 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
3) the number of sites covered by the ISMS;

b) the complexity of the ISMS (including the number and criticality of processes and activities) taking

into account differences between sites within the ISMS scope;

c) the significance of the information security risks identified for the ISMS in relation to the business;

d) the significance of the risks and opportunities determined when planning the ISMS;

e) the importance of preserving the confidentiality, integrity and availability of information within

the scope of the ISMS;

f) the complexity of the information systems to be audited, including complexity of information

technology deployed;
g) the number of similar sites.

Consideration should be given in the audit programme to setting priorities that warrant more detailed

examination based on the significance of information security risks and business requirements in

respect to the scope of the ISMS.

NOTE Further information about determining audit time can be found in ISO/IEC 27006. Further information

on multi-site sampling can be found in ISO/IEC 27006 and mandatory document 1 from the International

Accreditation Forum (IAF MD1, see Reference [11]). The information contained in ISO/IEC 27006 and IAF MD 1

only relates to certification audits.
5.4.4 Determining audit programme resources

5.4.4.1 The guidelines of ISO 19011:2018, 5.4.4, apply. In addition, the guidance in 5.4.4.2 applies.

5.4.4.2 In particular, for all significant risks applicable to the auditee and relevant to the audit

programme objectives, ISMS auditors should be allocated sufficient time to review the effectiveness of

the actions to address information security risks and ISMS related risks and opportunities.

5.5 Implementing audit programme
5.5.1 General
The guidelines of ISO 19011:2018, 5.5.1, apply.
5.5.2 Defining the objectives, scope and criteria for an individual audit

5.5.2.1 The guidelines of ISO 19011:2018, 5.5.2, apply. In addition, the guidance in 5.5.2.2 applies.

5.5.2.2 The audit objectives may include the following:

a) evaluation of whether the ISMS adequately identifies and addresses information security

requirements;

b) determination of the extent of conformity of information security controls with the requirements

and procedures of the ISMS.

The audit scope should take into account information security risks and relevant risks and opportunities

affecting the ISMS of relevant parties, i.e. the audit client and the auditee.
© ISO/IEC 2020 – All rights reserved 3
---------------------- Page: 11 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)

The following topics may be considered as audit criteria and used as a reference against which

conformity is determined:

a) the information security policy, information security objectives, policies and procedures adopted

by the auditee;
b) contractual requirements and other requirements relevant to the auditee;

c) the auditee's information security risk criteria, information security risk assessment process and

risk treatment process;

d) the Statement of Applicability, the identification of any sector-specific or other necessary controls,

justification for inclusions, whether they are implemented or not and the justification for exclusions

of controls of ISO/IEC 27001:2013, Annex A;
e) the definition of controls to treat risks appropriately;

f) the methods and criteria for monitoring, measurement, analysis and evaluation of the information

security performance and the effectiveness of the ISMS;
g) information security requirements provided by a customer;
h) information security requirements applied by a supplier or outsourcer.
5.5.3 Selecting and determining audit methods

5.5.3.1 The guidelines of ISO 19011:2018, 5.5.3, apply. In addition, the guidance in 5.5.3.2 applies.

5.5.3.2 If a joint audit is conducted, particular attention should be paid to the disclosure of information

between the relevant parties. Agreement on this should be reached with all interested parties before the

audit commences.
5.5.4 Selecting audit team members

5.5.4.1 The guidelines of ISO 19011:2018, 5.5.4, apply. In addition, the guidance in 5.5.4.2 applies.

5.5.4.2 The competence of the overall audit team should include adequate knowledge and

understanding of:

a) information security risk management sufficient to evaluate the methods used by the auditee;

b) information security and information security management sufficient to evaluate control

determination, planning, implementation, maintenance and effectiveness of the ISMS.

5.5.5 Assigning responsibility for an individual audit to the audit team leader
The guidelines of ISO 19011:2018, 5.5.5, apply.
5.5.6 Managing audit programme results
The guidelines of ISO 19011:2018, 5.5.6, apply.
5.5.7 Managing and maintaining audit programme records
The guidelines of ISO 19011:2018, 5.5.7, apply.
4 © ISO/IEC 2020 – All rights reserved
---------------------- Page: 12 ----------------------
oSIST prEN ISO 27007:2021
ISO/IEC 27007:2020(E)
5.6 Monitoring audit programme
The guidelines of ISO 19011:2018, 5.6, apply.
5.7 Reviewing and improving audit programme
The guidelines of ISO 19011:2018, 5.7, apply.
6 Conducting an audit
6.1 General
The guidelines of ISO 19011:2018, 6.1, apply.
6.2 Initiating audit
6.2.1 General
The guidelines of ISO 19011:2018, 6.2.1, apply.
6.2.2 Establishing contact with auditee

6.2.2.1 The guidelines of ISO 19011:2018, 6.2.2, apply. In addition, the guidance in 6.2.2.2 applies.

6.2.2.2 Where necessary, care should be taken to ensure that the auditors have obtained the necessary

security clearance to access documented information or other information required for audit activities

(including but not limited to confidential or sensitive information).
6.2.3 Determining feasibility of audit

6.2.3.1 The guidelines of ISO 19011:2018, 6.2.3, apply. In addition, the guidance in 6.2.3.2 applies.

6.2.3.2 Before the audit commences, the auditee should be asked whether any ISMS audit evidence

is unavailable for review by the audit team, e.g. because the evidence contains personally identifiable

information or other confidential/sensitive information. The person responsible for managing the audit

programme should determine whether the ISMS can be adequately audited in the absence of audit

evidence. If the conclusion
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

CEN
EN ISO 9902-6:2021(Main)
Textile machinery - Noise test code - Part 6: Fabric manufacturing machinery (ISO 9902-6:2018)
SIST EN ISO 9902-6:2021

This document covers the different types of weaving and knitting machines defined in ISO 5247 (all parts)[2] and ISO 7839[3], respectively.
It is applicable to:
full-width weaving machines with weft insertion by:
shuttles;
rigid, telescopic or flexible rapiers;
projectiles;
hydraulic (waterjet) or by pneumatic (airjet) nozzle;
narrow fabric weaving machines with weft insertion by shuttles or needles;
jacquard machines;
knitting machinery including:
circular knitting;
flat bed knitting;
warp knitting;
raschel;
cotton (flat weft weaving);
other fabric manufacturing machines e.g.:
multi-phase weaving machines;
circular weaving machines;
stitch bonding machines.
NOTE Because of the high requirements on measurement conditions, grade 1 methods are normally not feasible for textile machinery.

  • Standard
    23 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 15746-2:2020(Main)
Railway applications - Track - Road-rail machines and associated equipment - Part 2: General safety requirements
SIST EN 15746-2:2021

This document specifies the significant hazards, hazardous situations and events, common to self-propelled road-rail machines - henceforward referred to as machines - and associated equipment, arising due to the adaptation for their use on railway networks and urban rail networks. These machines are intended for construction, maintenance and inspection of the railway infrastructure, shunting and emergency rescue vehicles, when they are used as intended and under conditions of misuse which are reasonably foreseeable by the manufacturer; see Clause 4.
This document deals with the common hazards during assembly and installation, commissioning, travelling on and off track, use including setting, programming, and process changeover, operation, cleaning, fault finding, maintenance and de-commissioning of the machines.
NOTE   Specific measures for exceptional circumstances are not dealt with in this document. They can be subject to negotiation between manufacturer and the machine operator.
The common hazards dealt with include the general hazards presented by the machines, also the hazards presented by the following specific machine functions:
a)   excavation;
b)   ballast tamping, ballast cleaning, ballast regulating, ballast consolidating;
c)   track construction, renewal, maintenance and repair;
d)   lifting;
e)   overhead contact line system renewal / maintenance;
f)   maintenance of the components of the infrastructure;
g)   inspection and measurement of the components of the infrastructure;
h)   working in tunnels;
i)   shunting;
j)   vegetation control;
k)   emergency rescue and recovery;
during commissioning, use, maintenance and servicing.
For a road-rail machine it is assumed that an EU road permissible host vehicle will offer an accepted safety level for its designed basic functions before conversion. Unless explicitly stated otherwise in a particular clause this specific aspect is not dealt with in this document.
This document does not deal with:
1)   requirements with regard to the quality of work and the performance of the machine;
2)   machines that utilize the contact line system for traction purposes;
3)   specific requirements established by a railway Infrastructure Manager or Urban Rail Manager;
4)   negotiations between the manufacturer and the machine operator for additional or alternative requirements;
5)   requirements for use and travel of the machine on public highway;
6)   hazards due to air pressure caused by the passing of high-speed trains at more than 190 km/h;
7)   requirements which could be necessary in case of use in extreme conditions, such as extreme ambient temperatures (tropical or polar); see 5.30;
8)   highly corrosive or contaminating environment, e.g. due to the presence of chemicals;
9)   potentially explosive atmospheres.
Other special machines used on railway tracks are dealt with in other European Standards, see Annex E.

  • Standard
    86 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    79 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 352-10:2020(Main)
Hearing protectors - Safety requirements - Part 10: Entertainment audio earplugs
SIST EN 352-10:2021

This European Standard is applicable to entertainment audio earplugs. It specifies requirements on construction, design, performance, marking and user information relating to the inclusion of the entertainment audio facility.

  • Standard
    9 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 352-8:2020(Main)
Hearing protectors - Safety requirements - Part 8: Entertainment audio earmuffs
SIST EN 352-8:2021

This European Standard is applicable to entertainment audio ear-muffs. It specifies requirements on construction, design, performance, marking and user information relating to the inclusion of the entertainment audio facility.

  • Standard
    9 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 12999:2020(Main)
Cranes - Loader cranes
SIST EN 12999:2020

This document specifies minimum requirements for design, calculation, examinations and tests of hydraulic powered loader cranes and their mountings on vehicles or static foundations.
This document applies to loader cranes designed to be installed on:
-   road vehicles, including trailers, with load carrying capability;
-   tractors (road or agricultural), where only a towed trailer has capability to carry goods;
-   demountable bodies to be carried by any of the above;
-   other types of carriers (e.g. separate loaders, crawlers, rail vehicles, non-seagoing vessels);
-   static foundations.
This document also applies to loader cranes equipped with special tools or interchangeable equipment (e.g. grapple, clamshell bucket, pallet clamp, etc.), as specified in the operator’s manual.
This document does not apply to loader cranes used on board sea going vessels or to articulated boom system cranes which are designed as total integral parts of special equipment such as forwarders.
The hazards covered by this document are identified in Clause 4.
This document does not cover hazards related to the lifting of persons.
NOTE   The use of cranes for lifting of persons can be subject to specific national regulations.
This document is not applicable to loader cranes manufactured before the publication of this document. For loader cranes designed before the publication of this document, the provisions concerning stress calculations in the version of EN 12999 that was valid at the time of their design, are still applicable.

  • Standard
    107 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 12514:2020(Main)
Components for supply systems for consuming units with liquid fuels
SIST EN 12514:2020

This European Standard specifies the safety and performance requirements and tests methods for the components for supply systems. Their intended use is the supply with liquid fuel for one or more consuming units from one or more tanks.
This European Standard applies to pressurised, negative pressurised, unpressurised, underground, above ground, inside and/or outside systems to supply liquid fuels.
The components for supply systems covered by this standard are piping kits/systems and their components.
Not covered by this standard are items belonging to the consuming unit (e. g.: heating/cooling appliances in buildings) and items used for the mounting and support of components.
Not covered by this standard are items with the intended use of gas for building heating/cooling systems and any items of heating networks.
Not covered are items used for drainage (including highways) and disposal of other liquids and gaseous waste, supply of gases, pressure and vacuum systems, communications, sanitary and cleaning fixtures and storage fixtures.

  • Standard
    220 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    220 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 8222:2020(Main)
Petroleum measurement systems - Calibration - Volumetric measures, proving tanks and field measures (including formulae for properties of liquids and materials) (ISO 8222:2020)
SIST EN ISO 8222:2020

This document describes the design, use and calibration of volumetric measures (capacity measures) which are intended for use in fixed locations in a laboratory or in the field. This document gives guidance on both standard and non-standard measures. It also covers portable and mobile measures. This document is applicable to the petroleum industry; however, it may be applied more widely to other applications.
This document excludes measures for cryogenic liquids and pressurized measures as used for liquid petroleum gas (LPG) and liquefied natural gas (LNG).
Volumetric measures are classified as test measures or prover tanks depending on capacity and design.
Measures described in this document are primarily designed, calibrated and used to measure volumes from a measure which is wetted and drained for a specified time before use and designated to deliver. Many of the provisions, however, apply equally to measures which are used to measure a volume using a clean and dry measure and designated to contain.
Guidance is given regarding commonly expected uncertainties and calibration specifications.
The document also provides, in Annex A, reference formulae describing the properties of water and other fluids and materials used in volumetric measurement more generally.

  • Standard
    79 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 7932:2004/A1:2020(Amendment)
Microbiology of food and animal feeding stuffs - Horizontal method for the enumeration of presumptive Bacillus cereus - Colony-count technique at 30 degrees C - Amendment 1: Inclusion of optional tests (ISO 7932:2004/Amd 1:2020, Corrected version 2020-08)
SIST EN ISO 7932:2005/A1:2020
  • Amendment
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Amendment
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN ISO 19136-1:2020(Main)
Geographic information - Geography Markup Language (GML) - Part 1: Fundamentals (ISO 19136-1:2020)
SIST EN ISO 19136-1:2020

The Geography Markup Language (GML) is an XML encoding in accordance with ISO 19118 for the transport and storage of geographic information modelled in accordance with the conceptual modelling framework used in the ISO 19100 series of International Standards and including both the spatial and non-spatial properties of geographic features.
This document defines the XML Schema syntax, mechanisms and conventions that:
— provide an open, vendor-neutral framework for the description of geospatial application schemas for the transport and storage of geographic information in XML;
— allow profiles that support proper subsets of GML framework descriptive capabilities;
— support the description of geospatial application schemas for specialized domains and information communities;
— enable the creation and maintenance of linked geographic application schemas and datasets;
— support the storage and transport of application schemas and datasets;
— increase the ability of organizations to share geographic application schemas and the information they describe.
Implementers can decide to store geographic application schemas and information in GML, or they can decide to convert from some other storage format on demand and use GML only for schema and data transport.
NOTE If an ISO 19109 conformant application schema described in UML is used as the basis for the storage and transportation of geographic information, this document provides normative rules for the mapping of such an application schema to a GML application schema in XML Schema and, as such, to an XML encoding for data with a logical structure in accordance with the ISO 19109 conformant application schema.

  • Standard
    374 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CEN
EN 13525:2020(Main)
Forestry machinery - Wood chippers - Safety
SIST EN 13525:2020

This document specifies safety requirements and their verification for design and construction of, i.e. self-propelled, mounted, semi-mounted and trailed, wood chippers used in forestry, agriculture, horticulture and landscaping.
This document applies to chippers, used when stationary, which are manually loaded with wood through a horizontal or near horizontal infeed chute and where the infeed action is performed by the chipping components acting as infeed components or by separate integrated infeed components such as rollers or conveyors integral to the infeed chute. Wood chippers may be powered either by an external power take-off, hydraulics etc. or by an integral power source such as an internal combustion engine.
This document does not cover:
-   requirements relating to national road regulations arising from transport between work sites;
-   hazards arising from any self-propelled function;
-   hazards arising from the transmission of power from an external power source - e.g. power take-off drive shafts;
-   any machines where the infeed chute is fitted with an extension table or an integrated conveyor that is protruding beyond the outermost lower edge of the infeed chute and the Lower Protective Device of the infeed chute;
-   hazards arising from the engine pull starting of an integral power source;
-   hazards arising from mechanical loading;
-   vertical infeed chute chippers;
-   electromagnetic aspects of the chippers;
-   shredders/chippers to be covered by EN 13683;
-   any machines that are only loaded mechanically;
-   additional mechanical discharge systems for woodchips which are not part of the chipping mechanism e.g. conveyors.
For machines that can be both manually and mechanically loaded, this document is only covering the safety of the manual loading.
NOTE 1   Any additional requirements related to use with both mechanical and manual feed that could affect safe use or which are necessary to maintain the integrity of protective devices are outside the scope of this document. Such additional measures are intended to be determined by risk assessment carried out by the manufacturer.
This document deals with all significant hazards, hazardous situations and events relevant to wood chippers, when they are used as intended and under the conditions foreseeable by the manufacturer (see Annex A).
In addition, it specifies the type of information to be provided by the manufacturer on the safe use of these machines.
It is not applicable to environmental hazards (except noise).
NOTE 2   The noise test code described in this standard does not comply with the outdoor noise directive 2000/14/EC.
This document is not applicable to wood chippers which are manufactured before the date of publication of this document by CEN.

  • Standard
    74 pages
    English language
    sale 10% off
    e-Library read for
    1 day