CEN/CLC/JTC 13/WG 2 - Cybersecurity Management Systems
The WG considers national and international standards for adoption in the domain of management system standards including supporting control sets covering information and cyber security. Where not being developed by other SDO's, the WG may develop CEN/CENELEC publications in this domain. JTC 13/WG 2 also covers aspects related primarily to an organisation’s security controls and services, emphasizing standards for information security and cybersecurity and its application to the security of information systems and their lifecycle. The topics covered include information security and cybersecurity related to: • Operations (for example readiness, continuity, incident management, event management, investigation) • Information and data lifecycle • Organizational and management aspects of services within an organisation • Technologies and architectures (for example cloud, network, virtualization, storage
Cybersecurity Management Systems
The WG considers national and international standards for adoption in the domain of management system standards including supporting control sets covering information and cyber security. Where not being developed by other SDO's, the WG may develop CEN/CENELEC publications in this domain. JTC 13/WG 2 also covers aspects related primarily to an organisation’s security controls and services, emphasizing standards for information security and cybersecurity and its application to the security of information systems and their lifecycle. The topics covered include information security and cybersecurity related to: • Operations (for example readiness, continuity, incident management, event management, investigation) • Information and data lifecycle • Organizational and management aspects of services within an organisation • Technologies and architectures (for example cloud, network, virtualization, storage
General Information
This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations:
a) within the context of an information security management system (ISMS) based on ISO/IEC27001;
b) for implementing information security controls based on internationally recognized best practices;
c) for developing organization-specific information security management guidelines.
- Standard164 pagesEnglish languagesale 10% offe-Library read for1 day