iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST-TS CEN/CLC/TS 18026:2024

(Main)

Three-level approach for a set of cybersecurity requirements for cloud services

Three-level approach for a set of cybersecurity requirements for cloud services

This Technical Specification (TS) provides a set of cybersecurity requirements for cloud services.
This TS is applicable to organizations providing cloud services and their subservice organizations

Mehrschichtiger Ansatz für einen Anforderungskatalog für Informations-/Cybersicherheitsmaßnahmen für Cloud Dienste

Tristopenjski pristop za nabor zahtev kibernetske varnosti za storitve v oblaku

General Information

Status
Published
Publication Date
09-Jun-2024
ICS
35.030 - IT Security
35.210 - Cloud computing
Technical Committee
ITC - Information technology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
14-May-2024
Due Date
19-Jul-2024
Completion Date
10-Jun-2024
Directive
2019/881 - Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act) (Text with EEA relevance)
Ref Project
CEN/TS 18026:2024 - Three-level approach for a set of cybersecurity requirements for cloud services

Buy Standard

TS CEN/CLC/TS 18026:2024TS CEN/CLC/TS 18026:2024
PreviousNext
Technical specification
TS CEN/CLC/TS 18026:2024
English language
180 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CEN/CLC/TS 18026:2024
01-julij-2024
Tristopenjski pristop za nabor zahtev kibernetske varnosti za storitve v oblaku
Three-level approach for a set of cybersecurity requirements for cloud services
Mehrschichtiger Ansatz für einen Anforderungskatalog für
Informations-/Cybersicherheitsmaßnahmen für Cloud Dienste
Ta slovenski standard je istoveten z: CEN/TS 18026:2024
ICS:
35.030 Informacijska varnost IT Security
35.210 Računalništvo v oblaku Cloud computing
SIST-TS CEN/CLC/TS 18026:2024 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST-TS CEN/CLC/TS 18026:2024

---------------------- Page: 2 ----------------------
SIST-TS CEN/CLC/TS 18026:2024


TECHNICAL SPECIFICATION CEN/TS 18026

SPÉCIFICATION TECHNIQUE

TECHNISCHE SPEZIFIKATION
April 2024
ICS 35.030; 35.210

English version

Three-level approach for a set of cybersecurity
requirements for cloud services
 Mehrschichtiger Ansatz für einen Anforderungskatalog
für Informations-/Cybersicherheitsmaßnahmen für
Cloud Dienste
This Technical Specification (CEN/TS) was approved by CEN on 27 February 2024 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN and CENELEC will be
requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European
Standard.

CEN and CENELEC members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the
CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in
force (in parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.






















CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2024 CEN/CENELEC All rights of exploitation in any form and by any means
Ref. No. CEN/TS 18026:2024 E
reserved worldwide for CEN national Members and for
CENELEC Members.

---------------------- Page: 3 ----------------------
SIST-TS CEN/CLC/TS 18026:2024
CEN/CLC/TS 18026:2024 (E)
Contents Page
European foreword . 3
Introduction . 4
1 Scope . 8
2 Normative references . 8
3 Terms and definitions . 8
4 Organisation of Information Security . 35
5. Information Security Policies . 39
6. Risk management . 45
7. Human Resources . 49
8. Asset Management . 57
9. Physical Security . 63
10.     Operational Security ……………………………………………………………………… ………………………….93
11. Identity, Authentication and Access Control Management . 94
12. Cryptography and Key Management .113
13. Communication Security .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN ISO/IEC 27017:2021(Main)
Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services (ISO/IEC 27017:2015)
EN ISO/IEC 27017:2021

This Recommendation | International Standard gives guidelines for information security controls applicable to the
provision and use of cloud services by providing:
– additional implementation guidance for relevant controls specified in ISO/IEC 27002;
– additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service
providers and cloud service customers.

  • Standard
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO/IEC 27018:2020(Main)
Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (ISO/IEC 27018:2019)
EN ISO/IEC 27018:2020

This document establishes commonly accepted control objectives, controls and guidelines for
implementing measures to protect Personally Identifiable Information (PII) in line with the privacy
principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration
the regulatory requirements for the protection of PII which can be applicable within the context of the
information security risk environment(s) of a provider of public cloud services.
This document is applicable to all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which provide information processing
services as PII processors via cloud computing under contract to other organizations.
The guidelines in this document can also be relevant to organizations acting as PII controllers. However,
PII controllers can be subject to additional PII protection legislation, regulations and obligations, not
applying to PII processors. This document is not intended to cover such additional obligations.

  • Standard
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO/IEC 27017:2021(Main)
Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services (ISO/IEC 27017:2015)
EN ISO/IEC 27017:2021

This Recommendation | International Standard gives guidelines for information security controls applicable to the
provision and use of cloud services by providing:
– additional implementation guidance for relevant controls specified in ISO/IEC 27002;
– additional controls with implementation guidance that specifically relate to cloud services.
This Recommendation | International Standard provides controls and implementation guidance for both cloud service
providers and cloud service customers.

  • Standard
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO/IEC 27018:2020(Main)
Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (ISO/IEC 27018:2019)
EN ISO/IEC 27018:2020

This document establishes commonly accepted control objectives, controls and guidelines for
implementing measures to protect Personally Identifiable Information (PII) in line with the privacy
principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration
the regulatory requirements for the protection of PII which can be applicable within the context of the
information security risk environment(s) of a provider of public cloud services.
This document is applicable to all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which provide information processing
services as PII processors via cloud computing under contract to other organizations.
The guidelines in this document can also be relevant to organizations acting as PII controllers. However,
PII controllers can be subject to additional PII protection legislation, regulations and obligations, not
applying to PII processors. This document is not intended to cover such additional obligations.

  • Standard
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    35 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 14325:2018+A1:2024(Main + Amendment)
Protective clothing against chemicals - Test methods and performance classification of chemical protective clothing materials, seams, joins and assemblages
EN 14325:2018+A1:2024

This European Standard specifies the performance classification and test methods for materials used in chemical protective clothing, including gloves and footwear. The gloves and boots should have the same chemical protective barrier requirements as the fabric when an integral part of the clothing. This is a reference standard to which chemical protective clothing performance standards may refer in whole or in part, but this standard is not exhaustive in the sense that product standards may well require testing according to test method standards which are not included in this standard.
While these performance levels are intended to relate to the usage to which the chemical protective clothing is to be put, it is essential that the chemical protective clothing manufacturer or supplier indicate the intended use of the protective clothing and that the user (specifier) carries out a risk assessment in order to establish the correct performance level for the intended task.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 61755-3-2:2024(Main)
Fibre optic interconnecting devices and passive components - Connector optical interfaces - Part 3-2: Connector parameters of dispersion unshifted single-mode physically contacting fibres - angled 2,5 mm and 1,25 mm diameter cylindrical full zirconia ferrules (IEC 61755-3-2:2024)
EN IEC 61755-3-2:2024

IEC 61755-3-2:2024 defines the dimensional limits of the optical interface that are necessary for single-mode fibre optic connectors with 2,5 mm or 1,25 mm diameter cylindrical zirconia (ZrO2) ferrules polished at an 8° angle to meet the specific requirements for fibre-to-fibre interconnection, as defined in IEC 61755-2-2. Ferrules made from the material specified in this standard are suitable for use in all the operating service environments defined in IEC 61753-1. Ferrule dimensions and features are contained in the IEC 61754 series of fibre optic connector interface standards. This second edition cancels and replaces the first edition published in 2006. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) normative references have been added;
b) The introduction of an additional optical interface with a different fibre core eccentricity profile. The previous revision of optical interface standard is named "Variant 1: with fibre core axis oriented towards the connector guide key".
The additional optical interface is named "Variant 2: with fibre core axis not oriented towards the connector guide key";
c) statements added related to interoperability, where both variants remain intermateable within a given performance grade and are fully backwards compatible to IEC 61755-3-2:2006;
d) The addition of Grade B and Grade C interface requirements for both variants;
f) The addition of a descriptive statistic for the mean fibre core eccentricity (mean value) to describe the distribution of fibre core eccentricity to ensure interoperability;
g) A new informative Annex B to give guidance on the expected attenuation when mated to a reference connector plug;
h) A new informative Annex D to give guidance related to estimation of mean fibre eccentricity limits for finite production batch sizes.

  • Standard
    26 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    23 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 12063:2024(Main)
Execution of special geotechnical work - Sheet pile walls, combined pile walls, high modulus walls
EN 12063:2024

This Standard specifies requirements, recommendations and information concerning the execution of permanent or temporary sheet pile wall structures and the handling of equipment and materials.
It does not give requirements and recommendations for the installation of specific parts of the structure such as ground anchorages and piles which are covered by other codes.
It applies only to steel sheet pile walls, combined walls, high modulus walls, synthetic sheet pile walls (composite), concrete and timber sheet pile walls.
Composite structures such as Berliner walls and sheet pile walls in combination with shotcrete, are not the subject of this standard.

  • Standard
    134 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    88 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60598-2-2:2024(Main)
Luminaires - Part 2-2: Particular requirements - Recessed luminaires and recessed air-handling luminaires (IEC 60598-2-2:2023)
EN IEC 60598-2-2:2024

This part of IEC 60598 specifies requirements for recessed luminaires incorporating electric light sources for operation from supply voltages up to 1 000 V. It also specifies requirements for recessed air-handling luminaires for use with a ventilation duct or ventilated space (plenum).
NOTE The expressions “ventilation” and “ventilated” in this section refer to forced ventilation.

  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    16 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17823:2024(Main)
Acoustic properties of building elements and of buildings - Laboratory measurement of the impact sound insulation of stairs and stair isolating elements
EN 17823:2024

This standard defines procedures to measure in laboratory the impact sound level reduction of isolated heavy landings connected to a heavy wall, isolated heavy flights of stairs connected to a heavy landing, floor or ceiling, and lightweight stairs connected to a heavy wall, floor or ceiling.
This standard also considers the characterization of isolating elements for heavy landings or heavy flights of stairs in terms of an insertion loss expressed as an impact sound level difference. The corresponding procedure is given in a normative annex (Annex A), separated from the other procedures for the sake of clarity.

  • Standard
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    30 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 61820-1-2:2024(Main)
Electrical installations for lighting and beaconing of aerodromes - Part 1-2: Fundamental principles - Particular requirements for series circuits (IEC 61820-1-2:2024)
EN IEC 61820-1-2:2024

IEC 61820-1-2:2024 describes requirements for AGL systems including power supplies, transformation of energy, cables, and any electrical component utilized to produce the light intended to be used as a visual aid for air and ground navigation based on IEC 61820-1, complemented with series circuit specific topics.

  • Standard
    37 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    29 pages
    English language
    sale 10% off
    e-Library read for
    1 day