Cybersecurity and ISO and IEC Standards

This document provides guidance on how to leverage existing standards in a cybersecurity framework.
The concepts behind information security can be used to assess and manage cybersecurity risks. The key question is how to manage cybersecurity risk in a comprehensive and structured manner, and ensure that processes, governance and controls exist and are fit for purpose. This can be done through a management systems approach. An Information Security Management System (ISMS) as described in ISO/IEC 27001 is a well-proven way for any organization to implement a risk-based approach to cybersecurity. This document demonstrates how a cybersecurity framework can utilize current information security standards to achieve a well-controlled approach to cybersecurity management.

Source: https://www.iso.org/standard/72437.html

Status: Published

Publication Date: 2018-02-01

Category: Cybersecurity

Working Group:

Primary Source:

Source: https://www.standict.eu/standards-repository/standard/cybersecurity-and-iso-and-iec-standards
