Standards and certification
Information security and safety for risk management – Application to Information System
Quizzed article REF: SE2500 V4
Standards and certification
Information security and safety for risk management – Application to Information System

Author : Frédérique VALLÉE

Publication date: February 10, 2024 | Lire en français

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

4. Standards and certification

  • In the field of IT security, as is the case for all innovative industrial activities, dedicated standards have been developed in parallel with practical development, and have evolved in a mutually influential way: feedback from the field has influenced standards, but standardization has also facilitated the transition to practice. This evolution is still ongoing, as the field is not yet technically stabilized.

  • With regard to cybersecurity, the ISO 27001 standard, derived from BS 7799, was introduced in 2005, enabling certification of an "Information Security Management System" (ISMS). The ISO 27000 suite of standards was extended in June 2009 with ISO 27005, which provides a methodology for identifying and assessing risks to information assets, and in 2013 with ISO 27032, which provides guidelines for cybersecurity.

    ...
You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?

Ongoing reading
Standards and certification

Article included in this offer

"Safety and risk management"

( 459 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details
Contact our team FAQ