ISO/IEC 27031:2011
Current
Current
The latest, up-to-date edition.
Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity
Available format(s)
Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users
Language(s)
English, French
Published date
01-03-2011
Important note : All end users must be registered with an Account prior to user licenses being assigned.
ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.
The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.
| DocumentType |
Standard
|
| Pages |
36
|
| PublisherName |
International Organization for Standardization
|
| Status |
Current
|
| Standards | Relationship |
| NS ISO/IEC 27031 : 2011 | Identical |
| GOST R ISO/IEC 27031 : 2012 | Identical |
| NEN ISO/IEC 27031 : 2011 | Identical |
| NF ISO/IEC 27031 : 2014 | Identical |
| NBR ISO/IEC 27031 : 2015 | Identical |
| ABNT NBR ISO/IEC 27031:2023 | Identical |
| BS ISO/IEC 27031:2011 | Identical |
| NBN ISO/IEC 27031 : 2014 | Identical |
| SN ISO/IEC 27031:2023 | Identical |
| CSA ISO/IEC 27031 : 2013 | Identical |
| CAN/CSA-ISO/IEC 27031:13 (R2017) | Identical |
| 18/30346433 DC : 0 | BS ISO/IEC 19086-4 - INFORMATION TECHNOLOGY - CLOUD COMPUTING SERVICE LEVEL AGREEMENT (SLA) FRAMEWORK - PART 4: SECURITY AND PRIVACY |
| BS ISO/IEC 27037 : 2012 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION, AND PRESERVATION OF DIGITAL EVIDENCE |
| 15/30268877 DC : 0 | BS ISO/IEC 27035-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 2: GUIDELINES TO PLAN AND PREPARE FOR INCIDENT RESPONSE |
| 12/30269414 DC : 0 | BS EN 16495 - AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| OLF 104 : 2016 | INFORMATION SECURITY BASELINE REQUIREMENTS FOR PROCESS CONTROL, SAFETY AND SUPPORT ICT SYSTEMS |
| BS ISO 22313 : 2012 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE |
| INCITS/ISO/IEC 27040 : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| BS EN ISO/IEC 27037:2016 | Information technology. Security techniques. Guidelines for identification, collection, acquisition and preservation of digital evidence |
| CSA TELECOM ORGANIZATIONS PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR |
| CSA ISO/IEC 27035 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| CSA ISO/IEC 27035 : 2013 : R2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| I.S. EN ISO 22313:2014 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012) |
| 14/30249803 DC : 0 | BS ISO/IEC 27040 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| UNE-ISO 22301:2013 | Societal security. Business continuity management systems. Requirements |
| INCITS/ISO/IEC 27037 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE |
| BS ISO/IEC 27035:2011 | Information technology. Security techniques. Information security incident management |
| 11/30168516 DC : 0 | BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY |
| BS ISO 22301 : 2012 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| CSA ISO/IEC 27002 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| DIN EN ISO 22301:2014-12 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS (ISO 22301:2012) |
| BS ISO/IEC 27035-2:2016 | Information technology. Security techniques. Information security incident management Guidelines to plan and prepare for incident response |
| BS EN ISO 22313:2014 | Societal security. Business continuity management systems. Guidance |
| UNE-ISO/IEC 27002:2015 | Information technology -- Security techniques -- Code of practice for information security controls |
| I.S. EN ISO 22301:2014 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| BS ISO/IEC 27035-1:2016 | Information technology. Security techniques. Information security incident management Principles of incident management |
| BS ISO/IEC 27002 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| UNE-EN ISO/IEC 27002:2017 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
| DIN EN ISO/IEC 27040:2016-04 (Draft) | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015) |
| BS EN ISO 22301:2014 | Societal security. Business continuity management systems. Requirements |
| DIN EN ISO/IEC 27002 E : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
| 14/30304350 DC : 0 | BS EN ISO 27799 - HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
| 11/30207799 DC : 0 | BS ISO/IEC 27037 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE |
| BS EN ISO/IEC 27002:2017 | Information technology. Security techniques. Code of practice for information security controls |
| 10/30184432 DC : 0 | BS ISO/IEC 27035 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT |
| 12/30242445 DC : 0 | BS ISO 22398 - SOCIETAL SECURITY - GUIDELINES FOR EXERCISES AND TESTING |
| BS ISO 22398:2013 | Societal security. Guidelines for exercises |
| ISO/IEC TR 27015:2012 | Information technology Security techniques Information security management guidelines for financial services |
| BS ISO/IEC 27032:2012 | Information technology. Security techniques. Guidelines for cybersecurity |
| DIN EN ISO/IEC 27002:2017-06 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
| ISO/IEC TR 20000-10:2015 | Information technology Service management Part 10: Concepts and terminology |
| BS EN 16495:2014 | Air Traffic Management. Information security for organisations supporting civil aviation operations |
| UNI EN 16495 : 2014 | AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANIZATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| ISO/IEC 27035:2011 | Information technology Security techniques Information security incident management |
| ISO/IEC 27032:2012 | Information technology — Security techniques — Guidelines for cybersecurity |
| ISO/IEC 27037:2012 | Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence |
| DIN EN ISO 22313:2016-05 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE (ISO 22313:2012) |
| 12/30250175 DC : 0 | BS ISO/IEC 27036-2 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 2: COMMON REQUIREMENTS |
| CSA INFORMATION SECURITY PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION |
| INCITS/ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| BS EN ISO 27799:2008 | Health informatics. Information security management in health using ISO/IEC 27002 |
| 15/30267674 DC : 0 | BS ISO/IEC 27035-1 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY INCIDENT MANAGEMENT - PART 1: PRINCIPLES OF INCIDENT MANAGEMENT |
| ISO/IEC 27035-2:2016 | Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response |
| SR 003 391 : 2.1.1 | CLOUD STANDARDS COORDINATION PHASE 2; INTEROPERABILITY AND SECURITY IN CLOUD COMPUTING |
| I.S. EN ISO/IEC 27037:2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR IDENTIFICATION, COLLECTION, ACQUISITION AND PRESERVATION OF DIGITAL EVIDENCE (ISO/IEC 27037:2012) |
| I.S. EN ISO/IEC 27002:2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
| I.S. ISO/IEC 27002:2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| CEI UNI ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| ISO 22398:2013 | Societal security — Guidelines for exercises |
| UNI EN ISO 22301 : 2014 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - REQUIREMENTS |
| ISO 22301:2012 | Societal security Business continuity management systems Requirements |
| BS ISO/IEC 27040 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY |
| EN ISO 22313:2014 | Societal security - Business continuity management systems - Guidance (ISO 22313:2012) |
| BS EN ISO/IEC 27040:2016 | Information technology. Security techniques. Storage security |
| UNE-EN ISO 22301:2015 | Societal security - Business continuity management systems - Requirements (ISO 22301:2012) |
| ISO/IEC 27040:2015 | Information technology — Security techniques — Storage security |
| UNI EN ISO 22313 : 2015 | SOCIETAL SECURITY - BUSINESS CONTINUITY MANAGEMENT SYSTEMS - GUIDANCE |
| UNE-EN ISO 22313:2015 | Societal security - Business continuity management systems - Guidance (ISO 22313:2012) |
| EN ISO/IEC 27002:2017 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
| EN ISO/IEC 27040:2016 | Information technology - Security techniques - Storage security (ISO/IEC 27040:2015) |
| EN ISO 22301:2014 | Societal security - Business continuity management systems - Requirements (ISO 22301:2012) |
| EN ISO 27799:2016 | Health informatics - Information security management in health using ISO/IEC 27002 (ISO 27799:2016) |
| EN ISO/IEC 27037:2016 | Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012) |
| EN 16495:2014 | Air Traffic Management - Information security for organisations supporting civil aviation operations |
| BS ISO/IEC 27036-2:2014 | Information technology. Security techniques. Information security for supplier relationships Requirements |
| ISO/IEC 27035-1:2016 | Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management |
| PD ISO/IEC TR 20000-10:2015 | Information technology. Service management Concepts and terminology |
| BIP 2151 : 2012 | AUDITING BUSINESS CONTINUITY MANAGEMENT PLANS - ASSESS AND IMPROVE YOUR PERFORMANCE AGAINST ISO 22301 |
| I.S. EN 16495:2014 | AIR TRAFFIC MANAGEMENT - INFORMATION SECURITY FOR ORGANISATIONS SUPPORTING CIVIL AVIATION OPERATIONS |
| I.S. EN ISO/IEC 27040:2016 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY (ISO/IEC 27040:2015) |
| ISO/IEC 27036-2:2014 | Information technology Security techniques Information security for supplier relationships Part 2: Requirements |
| UNI CEI ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
| ISO 22313:2012 | Societal security Business continuity management systems Guidance |
| UNE-ISO 22313:2013 | Societal security.Business continuity management systems. Guidance |
| CAN/CSA-ISO/IEC 27035-2:18 | Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response (Adopted ISO/IEC 27035-2:2016, first edition, 2016-11-01) |
| CAN/CSA-ISO/IEC 27035-1:18 | Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management (Adopted ISO/IEC 27035-1:2016, first edition, 2016-11-01) |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 18043:2006 | Information technology Security techniques Selection, deployment and operations of intrusion detection systems |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
| BS 25999-1:2006 | BUSINESS CONTINUITY MANAGEMENT - PART 1: CODE OF PRACTICE |
| IEC/ISO 31010:2009 | Risk management - Risk assessment techniques |
| ISO 22301:2012 | Societal security Business continuity management systems Requirements |
| AS ISO 22301:2020 | Security and resilience - Business continuity management systems - Requirements |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| AS/NZS ISO/IEC 20000.10:2019 | Information technology - Service management Concepts and vocabulary |
| ISO/IEC TR 18044:2004 | Information technology Security techniques Information security incident management |
| ISO/IEC 20000-1:2011 | Information technology Service management Part 1: Service management system requirements |
| ISO/IEC 20000-2:2012 | Information technology Service management Part 2: Guidance on the application of service management systems |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
| ISO/IEC 24762:2008 | Information technology Security techniques Guidelines for information and communications technology disaster recovery services |
| AS ISO 22313:2020 | Security and resilience - Business continuity management systems - Guidance on the use of ISO 22301 |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.