PRICES include / exclude VAT
Homepage>BS Standards>03 SOCIOLOGY. SERVICES. COMPANY ORGANIZATION AND MANAGEMENT. ADMINISTRATION. TRANSPORT>03.100 Company organization and management>03.100.70 Management systems>BS ISO/IEC 27009:2020 Information security, cybersecurity and privacy protection. Sector-specific application of ISO/IEC 27001. Requirements
Sponsored link
immediate downloadReleased: 2020-04-27
BS ISO/IEC 27009:2020 Information security, cybersecurity and privacy protection. Sector-specific application of ISO/IEC 27001. Requirements

BS ISO/IEC 27009:2020

Information security, cybersecurity and privacy protection. Sector-specific application of ISO/IEC 27001. Requirements

Format
Availability
Price and currency
English Secure PDF
Immediate download
266.20 EUR
You can read the standard for 1 hour. More information in the category: E-reading
Reading the standard
for 1 hour
26.62 EUR
You can read the standard for 24 hours. More information in the category: E-reading
Reading the standard
for 24 hours
79.86 EUR
English Hardcopy
In stock
266.20 EUR
Standard number:BS ISO/IEC 27009:2020
Pages:26
Released:2020-04-27
ISBN:978 0 539 01264 4
Status:Standard
DESCRIPTION

BS ISO/IEC 27009:2020


This standard BS ISO/IEC 27009:2020 Information security, cybersecurity and privacy protection. Sector-specific application of ISO/IEC 27001. Requirements is classified in these ICS categories:
  • 03.100.70 Management systems
  • 03.120.20 Product and company certification. Conformity assessment
  • 35.030 IT Security

This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market).

This document explains how to:

  • include requirements in addition to those in ISO/IEC 27001 ,

  • refine or interpret any of the ISO/IEC 27001 requirements,

  • include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002 ,

  • modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002 ,

  • add guidance to or modify the guidance of ISO/IEC 27002 .

This document specifies that additional or refined requirements do not invalidate the requirements in ISO/IEC 27001.

This document is applicable to those involved in producing sector-specific standards.