SIST ISO 28000:2023
Security and resilience - Security management systems - Requirements
This document specifies requirements for a security management system, including aspects relevant to the supply chain.
This document is applicable to all types and sizes of organizations (e.g. commercial enterprises, government or other public agencies and non-profit organizations) which intend to establish, implement, maintain and improve a security management system. It provides a holistic and common approach and is not industry or sector specific.
This document can be used throughout the life of the organization and can be applied to any activity, internal or external, at all levels.
Varnost in vzdržljivost - Sistemi vodenja varnosti - Zahteve
This document specifies requirements for a security management system, including aspects related to the supply chain.
It applies to all types and sizes of organizations (e.g. commercial enterprises, government or other public agencies, non-profit organizations) that intend to establish, implement, maintain and improve a security management system. It provides a holistic and general approach and is not limited to a particular industry or sector.
This document can be used throughout the organization's period of operation and for any internal or external activity at all levels.
Standards Content (Sample)
SLOVENIAN STANDARD
SIST ISO 28000:2023
01-March-2023
Replaces:
SIST ISO 28000:2018
Varnost in vzdržljivost - Sistemi vodenja varnosti - Zahteve
Security and resilience - Security management systems - Requirements
This Slovenian standard is identical to: ISO 28000:2022
ICS:
03.100.10 Purchasing. Procurement. Logistics
03.100.70 Management systems
SIST ISO 28000:2023 en
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.
INTERNATIONAL STANDARD ISO 28000
Second edition 2022-03
Security and resilience — Security management systems — Requirements
Reference number
ISO 28000:2022(E)
© ISO 2022
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.2.1 General
4.2.2 Legal, regulatory and other requirements
4.2.3 Principles
4.3 Determining the scope of the security management system
4.4 Security management system
5 Leadership
5.1 Leadership and commitment
5.2 Security policy
5.2.1 Establishing the security policy
...
ISO 28000:2022(E)
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.2.1 General
4.2.2 Legal, regulatory and other requirements
4.2.3 Principles
4.3 Determining the scope of the security management system
4.4 Security management system
5 Leadership
5.1 Leadership and commitment
5.2 Security policy
5.2.1 Establishing the security policy
5.2.2 Security policy requirements
5.3 Roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
...
FINAL DRAFT INTERNATIONAL STANDARD ISO/FDIS 28000
ISO/TC 292
Secretariat: SIS
Voting begins on: 2021-12-03
Voting terminates on: 2022-01-28
Security and resilience — Security management systems — Requirements
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT INTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
Reference number
ISO/FDIS 28000:2021(E)
© ISO 2021
ISO/FDIS 28000:2021(E)
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.2.1 General
4.2.2 Legal, regulatory and other requirements
4.2.3 Principles
4.3 Determining the scope of the security management system
4.4 Security management system
5 Leadership
5.1 Leadership and commitment
5.2 Security policy
5.2.1 Establishing the security policy
5.2.2 Security policy requirements
...