ISO/IEC 27036-2:2014
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
View Superseded by
Information technology Security techniques Information security for supplier relationships Part 2: Requirements
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
06-15-2022
English
07-25-2014
ISO/IEC 27036-2:2014 specifies fundamental information security requirements for defining, implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirer relationships.
These requirements cover any procurement and supply of products and services, such as manufacturing or assembly, business process procurement, software and hardware components, knowledge process procurement, Build-Operate-Transfer and cloud computing services.
These requirements are intended to be applicable to all organizations, regardless of type, size and nature.
To meet these requirements, an organization should have already internally implemented a number of foundational processes, or be actively planning to do so. These processes include, but are not limited to, the following: governance, business management, risk management, operational and human resources management, and information security.
DocumentType |
Standard
|
Pages |
38
|
PublisherName |
International Organization for Standardization
|
Status |
Withdrawn
|
SupersededBy |
Standards | Relationship |
NBN ISO/IEC 27036-2 : 2014 | Identical |
BS ISO/IEC 27036-2:2014 | Identical |
INCITS/ISO/IEC 27036-2:2014 (2019) | Identical |
NEN ISO/IEC 27036-2 : 2014 | Identical |
NS ISO/IEC 27036-2 : 2014 | Identical |
15/30299331 DC : 0 | BS ISO/IEC 27011 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR TELECOMMUNICATIONS ORGANIZATIONS |
CSA TELECOM ORGANIZATIONS PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
ISO/IEC 27036-4:2016 | Information technology Security techniques Information security for supplier relationships Part 4: Guidelines for security of cloud services |
CSA ISO/IEC 27002 : 2015 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
UNE-ISO/IEC 27002:2015 | Information technology -- Security techniques -- Code of practice for information security controls |
BS ISO/IEC 27002 : 2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
UNE-EN ISO/IEC 27002:2017 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
NEMA CPSP 1 : 2015 | SUPPLY CHAIN BEST PRACTICES |
DIN EN ISO/IEC 27002 E : 2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
ISO/IEC 27017:2015 | Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
BS EN ISO/IEC 27002:2017 | Information technology. Security techniques. Code of practice for information security controls |
BS ISO/IEC 27036-4:2016 | Information technology. Security techniques. Information security for supplier relationships Guidelines for security of cloud services |
DIN EN ISO/IEC 27002:2017-06 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
CAN/CSA-ISO/IEC 27017:16 | Information technology Security techniques Code of practice for information security controls based on ISO/IEC 27002 for cloud services (Adopted ISO/IEC 27017:2015, first edition, 2015-12-15) |
12/30250178 DC : 0 | BS ISO/IEC 27036-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 3: GUIDELINES FOR ICT SUPPLY CHAIN SECURITY |
BS ISO/IEC 27017:2015 | Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
CSA INFORMATION SECURITY PACKAGE : 2018 | CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION |
14/30304350 DC : 0 | BS EN ISO 27799 - HEALTH INFORMATICS - INFORMATION SECURITY MANAGEMENT IN HEALTH USING ISO/IEC 27002 |
INCITS/ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
ISO/IEC 27036-3:2013 | Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security |
16/30275200 DC : 0 | BS ISO/IEC 27036-4 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 4: GUIDELINES FOR SECURITY OF CLOUD SERVICES |
BS EN ISO 27799:2008 | Health informatics. Information security management in health using ISO/IEC 27002 |
I.S. EN ISO/IEC 27002:2017 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS (ISO/IEC 27002:2013 INCLUDING COR 1:2014 AND COR 2:2015) |
I.S. ISO/IEC 27002:2013 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
CEI UNI ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
ISO/IEC 27011:2016 | Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations |
EN ISO/IEC 27002:2017 | Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015) |
EN ISO 27799:2016 | Health informatics - Information security management in health using ISO/IEC 27002 (ISO 27799:2016) |
BS ISO/IEC 27036-3:2013 | Information technology. Security techniques. Information security for supplier relationships Guidelines for information and communication technology supply chain security |
15/30259619 DC : 0 | BS ISO/IEC 27017 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS BASED ON ISO/IEC 27002 FOR CLOUD SERVICES |
UNI CEI ISO/IEC 27002 : 2014 | INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS |
CAN/CSA-ISO/IEC 27011:18 | Information technology ? Security techniques ? Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations (Adopted ISO/IEC 27011:2016, second edition, 2016-12-01) |
CAN/CSA-ISO/IEC 27036-4:18 | Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of cloud services (Adopted ISO/IEC 27036-4:2016, first edition, 2016-10-01) |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
ISO/IEC 27035:2011 | Information technology Security techniques Information security incident management |
ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
ISO 31000:2009 | Risk management Principles and guidelines |
ISO 22301:2012 | Societal security Business continuity management systems Requirements |
ISO/IEC 27031:2011 | Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
ISO/IEC 15288:2008 | Systems and software engineering — System life cycle processes |
ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
ISO/IEC 27036-1:2014 | Information technology Security techniques Information security for supplier relationships Part 1: Overview and concepts |
ISO 22313:2012 | Societal security Business continuity management systems Guidance |
ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
AS ISO/IEC/IEEE 12207:2019 | Systems and software engineering - Software life cycle processes |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.