ISO/IEC Standard 13335

ISO/IEC Standard 13335 - Information technology -- Security techniques -- Management of information and communications technology security

Published under Risk Management
Title: ISO/IEC 13335-1:2004 - Information technology -- Security techniques -- Management of information and communications technology security -- Part 1: Concepts and models for information and communications technology security management
Source reference: http://www.iso.org/iso/en/
(Note: this is a reference to the ISO page where the standard can be acquired. However, the standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted).
Topic: Standard containing generally accepted descriptions of concepts and models for information and communications technology security management.
Direct / indirect relevance Direct. The text is a direct resource for the implementation of security management.
Scope: Not publicly available ISO standard, which can be voluntarily implemented.
Legal force: Nonbinding ISO standard.
Affected sectors: Generic. The standard can be implemented in any sector confronted by technology security management.
Relevant provision(s): The standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted.
Relevance to RM/RA: The standard is a commonly used code of practice, and serves as a resource for the implementation of security management practices and as a yardstick for auditing such practices. (See also
http://csrc.nist.gov/publications/secpubs/otherpubs/reviso-faq.pdf)

 

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more