Cybersecurity and ISO and IEC Standards

SCOPE
This document provides guidance on how to leverage existing standards in a cybersecurity framework.
The concepts behind information security can be used to assess and manage cybersecurity risks. The key question is how to manage cybersecurity risk in a comprehensive and structured manner, and how to ensure that processes, governance and controls exist and are fit for purpose. This can be done through a management systems approach. An Information Security Management System (ISMS) as described in ISO/IEC 27001 is a well-proven way for any organization to implement a risk-based approach to cybersecurity.
This document demonstrates how a cybersecurity framework can utilize current information security standards to achieve a well-controlled approach to cybersecurity management.
Source: https://www.iso.org/standard/72437.html

LATEST PUBLICATION DATE

COMMITTEE / WG