




List Of ISO Standards 26000–27999
This is a list of published International Organization for Standardization (ISO) standards and other deliverables. This list generally excludes draft versions.
* ISO/IEC 27701:2019 Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
* ISO 27729:2012 Information and documentation – International standard name identifier (ISNI)
* ISO 27730:2012 Information and documentation – International standard collection identifier (ISCI)
* ISO 27789:2013 Health informatics – Audit trails for electronic health records
* ISO/TS 27790:2009 Health informatics – Document registry framework
* ISO 27799:2016 Health informatics – Information security management in health using ISO/IEC 27002
* ISO/TR 27809:2007 Health informatics – Measures for ensuring patient safety of health software
* ISO/HL7 27931:2009 Data Exchange Standards – Health Level Seven Version 2.5 – An application protocol for electronic data excha ...

International Organization For Standardization
The International Organization for Standardization (ISO) is an independent, non-governmental, international standard development organization composed of representatives from the national standards organizations of member countries. Membership requirements are given in Article 3 of the ISO Statutes. ISO was founded on 23 February 1947, and it has published over 25,000 international standards covering almost all aspects of technology and manufacturing. It has over 800 technical committees (TCs) and subcommittees (SCs) to take care of standards development. The organization develops and publishes international standards in technical and nontechnical fields, including everything from manufactured products and technology to food safety, transport, IT, agriculture, and healthcare. More specialized topics like electrical and electronic engineering are instead handled by the International Electrotechnical Commission. ...


ISO/IEC 27002
ISO/IEC 27002 is an information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC), titled "Information security, cybersecurity and privacy protection — Information security controls". The ISO/IEC 27000 family of standards is descended from a corporate security standard donated by Shell to a UK government initiative in the early 1990s. The Shell standard was developed into British Standard BS 7799 in the mid-1990s, and was adopted as ISO/IEC 17799 in 2000. The ISO/IEC standard was revised in 2005, and renumbered ISO/IEC 27002 in 2007 to align with the other ISO/IEC 27000-series standards. It was revised again in 2013 and in 2022. Later, in 2015, ISO/IEC 27017 was created from that standard in order to suggest additional security controls for the cloud which were not completely defined in ISO/IEC 27002. ISO/IEC 27002 provides best practice recommendations on in ...

ISO 27500
The International Organization for Standardization (ISO) is an independent, non-governmental, international standard development organization composed of representatives from the national standards organizations of member countries. Membership requirements are given in Article 3 of the ISO Statutes. ISO was founded on 23 February 1947, and it has published over 25,000 international standards covering almost all aspects of technology and manufacturing. It has over 800 technical committees (TCs) and subcommittees (SCs) to take care of standards development. The organization develops and publishes international standards in technical and nontechnical fields, including everything from manufactured products and technology to food safety, transport, IT, agriculture, and healthcare. More specialized topics like electrical and electronic engineering are instead handled by the International Electrotechnical Commission. ...


ISO/IEC 27040
ISO/IEC 27040 is part of a growing family of International Standards published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in the area of security techniques; the standard is being developed by Subcommittee 27 (SC27) - IT Security techniques of the first Joint Technical Committee 1 (JTC 1) of the ISO/IEC. A major element of SC27's program of work includes International Standards for information security management systems (ISMS), often referred to as the 'ISO/IEC 27000-series'. The full title of ISO/IEC 27040 is "Information technology — Security techniques — Storage security (ISO/IEC 27040:2015)".
Overview and introduction: The purpose of ISO/IEC 27040 is to provide security guidance for storage systems and ecosystems as well as for protection of data in these systems. It supports the general concepts specified in ISO/IEC 27001. This International Standard is relevant to managers and staff concerned ...


Intrusion Detection And Prevention System
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS. It is also possible to classify IDS by detection approach. The most well-known variants are signature-based detection (recognizing bad patterns, such as exploitation a ...

Virtual Private Network
A virtual private network (VPN) is a network architecture for virtually extending a private network (i.e. any computer network which is not the public Internet) across one or multiple other networks which are either untrusted (as they are not controlled by the entity aiming to implement the VPN) or need to be isolated (thus making the lower network invisible or not directly usable). A VPN can extend access to a private network to users who do not have direct access to it, such as an office network allowing secure access from off-site over the Internet. This is achieved by creating a link between computing devices and computer networks by the use of network tunneling protocols. It is possible to make a VPN secure to use on top of an insecure communication medium (such as the public Internet) by choosing a tunneling protocol that implements encryption. This kind of VPN implementation has the benefit of reduced costs and greater flexibility, with respect to dedicated communication li ...




ISO/IEC 27032
ISO/IEC JTC 1, entitled "Information technology", is a joint technical committee (JTC) of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its purpose is to develop, maintain and promote standards in the fields of information and communications technology (ICT). JTC 1 has been responsible for many critical IT standards, ranging from the Joint Photographic Experts Group (JPEG) image formats and Moving Picture Experts Group (MPEG) audio and video formats to the C and C++ programming languages.
History: ISO/IEC JTC 1 was formed in 1987 as a merger between ISO/TC 97 (Information Technology) and IEC/TC 83, with IEC/SC 47B joining later. The intent was to bring together, in a single committee, the IT standardization activities of the two parent organizations in order to avoid duplicative or possibly incompatible standards. At the time of its formation, the mandate of JTC 1 was to develop base standards in information te ...


ISO/IEC 27019
ISO/IEC TR 27019 is a security standard, part of the ISO/IEC 27000 family of standards. It was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27. It is based on ISO/IEC 27002, but it is applied for energy management (to control generation, transmission, storage and distribution of electric power) and for the control of associated supporting processes. It is not applied to the process control of nuclear facilities and it is not applied to telecommunication systems and components used in the process control environment. The first version of ISO/IEC TR 27019 was published in July 2013, and its latest version was published on November 27 of 2017.
Versions: That standard has two versions:
* ISO/IEC 27019:2013
* ISO/IEC 27019:2017
* ISO/IEC 27019:2024


ISO/IEC 27018
ISO/IEC 27018, "Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors", is a privacy standard, part of the ISO/IEC 27000 family of standards. It was among the first international standards about privacy in cloud computing services. It is based on ISO/IEC 27002. It helps cloud service providers who process personally identifiable information (PII) to assess risk and implement controls for protecting PII. It was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27.
Standard versions: There have been two editions of this standard so far:
* ISO/IEC 27018:2014
* ISO/IEC 27018:2019
Structure of the standard: ISO/IEC 27018:2019 has eighteen sections, plus a long annex, which cover:
1. Scope
2. Normative References
3. Terms and definitions
...


ISO/IEC 27017
ISO/IEC 27017 is a security standard developed for cloud service providers and users to make a safer cloud-based environment and reduce the risk of security problems. It was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27. It is part of the ISO/IEC 27000 family of standards, which provides best practice recommendations on information security management. This standard was built from ISO/IEC 27002, suggesting additional security controls for the cloud which were not completely defined in ISO/IEC 27002. This International Standard provides guidelines supporting the implementation of information security controls for cloud service customers, who implement the controls, and cloud service providers, who support the implementation of those controls. The selection of appropriate information security controls and the application of the impl ...




ISO/IEC 27007
ISO/IEC 27007 — Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing is a standard providing guidance on managing an information security management system (ISMS) audit programme, conducting audits, and the competence of ISMS auditors. It builds upon the auditing guidance contained in ISO 19011. ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme. It was published in 2011, and revised in 2017 and 2020. It is part of the ISO/IEC 27000-series family of standards about information security management system (ISMS), which is a systematic approach to securing sensitive information, of ISO/IEC. It provides standards for a robust approach to managing information security and building resilience.
Overview: The standard is about how an information security management system audit can be performed based on a vari ...


ISO/IEC 27006
ISO/IEC 27006 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Part of the ISO/IEC 27000 series of ISO/IEC Information Security Management System (ISMS) standards, it is titled "Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems". ISO/IEC 27006 lays out formal requirements for accredited organizations which certify other organizations compliant with ISO/IEC 27001. It effectively replaces EA 7/03 (Guidelines for the Accreditation of bodies operating certification/registration of Information Security Management Systems). The standard helps ensure that ISO/IEC 27001 certificates issued by accredited organizations are meaningful and trustworthy; in other words, it is a matter of assurance.
Description of standard: ISO 27006 outlines requirements to be accredited for th ...