BS ISO/IEC 27009:2016
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information technology. Security techniques. Sector-specific application of ISO/IEC 27001. Requirements
Hardcopy , PDF
27-04-2020
English
30-06-2016
Important note : All end users must be registered with an Account prior to user licenses being assigned.
Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Overview of this International Standard
5 Additional, refined or interpreted ISO/IEC 27001
requirements
6 Additional or modified ISO/IEC 27002 guidance
Annex A (normative) - Template for developing
sector-specific standards related to
ISO/IEC 27001:2013 or ISO/IEC 27002:2013
Bibliography
Specifies the requirements for the use of ISO/IEC 27001 in any specific sector (field, application area or market sector). Describes how to include requirements additional to those in ISO/IEC 27001, how to refine any of the ISO/IEC 27001 requirements, and how to include controls or control sets in addition to ISO/IEC 27001:2013, Annex A.
| Committee |
IST/33/1
|
| DevelopmentNote |
Supersedes 15/30285726 DC. (06/2016)
|
| DocumentType |
Standard
|
| Pages |
18
|
| PublisherName |
British Standards Institution
|
| Status |
Superseded
|
| SupersededBy | |
| Supersedes |
This International Standard defines the requirements for the use of ISO/IEC27001 in any specific sector (field, application area or market sector). It explains how to include requirements additional to those in ISO/IEC27001 , how to refine any of the ISO/IEC27001 requirements, and how to include controls or control sets in addition to ISO/IEC27001:2013, AnnexA. This International Standard ensures that additional or refined requirements are not in conflict with the requirements in ISO/IEC27001 . This International Standard is applicable to those involved in producing sector-specific standards that relate to ISO/IEC27001 .
| Standards | Relationship |
| ISO/IEC 27009:2016 | Identical |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 27017:2015 | Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| ISO/IEC 27018:2014 | Information technology Security techniques Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| ISO/IEC 27010:2015 | Information technology Security techniques Information security management for inter-sector and inter-organizational communications |
| ISO/IEC 27011:2016 | Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations |
| ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.