Cybersecurity and ISO and IEC Standards

ISO/IEC TR 27103:2018

SCOPE

This document provides guidance on how to leverage existing standards in a cybersecurity framework.
The concepts behind information security can be used to assess and manage cybersecurity risks. The key question is how to manage cybersecurity risk in a comprehensive and structured manner, and ensure that processes, governance and controls exist and are fit for purpose. This can be done through a management systems approach. An Information Security Management System (ISMS) as described in ISO/IEC 27001 is a well proven way for any organization to implement a risk-based approach to cybersecurity.

This document demonstrates how a cybersecurity framework can utilize current information security standards to achieve a well-controlled approach to cybersecurity management.

Source: https://www.iso.org/standard/72437.html

LATEST PUBLICATION DATE
February 2018
COMMITTEE / WG