INTERNATIONAL STANDARD
ISO/IEC 27009
Second edition
2020-04

Information security, cybersecurity and privacy protection - Sector-specific application of ISO/IEC 27001 - Requirements

Sécurité de l'information, cybersécurité et protection des données personnelles - Application de l'ISO/IEC 27001 à un secteur spécifique - Exigences

Reference number ISO/IEC 27009:2020(E)

Copyright International Organization for Standardization. Provided by IHS Markit under license with IEC. Not for Resale, 05/07/2020 17:58:13 MDT

COPYRIGHT PROTECTED DOCUMENT

© ISO/IEC 2020

All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
CP 401 · Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Fax: +41 22 749 09 47
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland

Contents

Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Overview of this document
4.1 General
4.2 Structure of this document
4.3 Expanding ISO/IEC 27001 requirements or ISO/IEC 27002 controls
5 Addition to, refinement or interpretation of ISO/IEC 27001 requirements
5.1 General
5.2 Addition of requirements to ISO/IEC 27001
5.3 Refinement of requirements in ISO/IEC 27001
5.4 Interpretation of requirements in ISO/IEC 27001
6 Additional or modified ISO/IEC 27002 guidance
6.1 General
6.2 Additional guidance
6.3 Modified guidance
Annex A (normative) Template for developing sector-specific standards related to ISO/IEC 27001 and optionally ISO/IEC 27002
Annex B (normative) Template for developing sector-specific standards related to ISO/IEC 27002
Annex C (informative) Explanation of the advantages and disadvantages of numbering approaches used within Annex B
Bibliography

Foreword

ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.

The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).

Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement.

For an explanation on the voluntary nature of standards, the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISO's adherence to the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.ht

PDF document: ISO-IEC 27009, English edition, 2020

This document was uploaded and shared by 思安 on 2022-11-26 11:27:42.