ISO/IEC Standard 13335
ISO/IEC Standard 13335 - Information technology -- Security techniques -- Management of information and communications technology security
Published under Risk Management
Title: | ISO/IEC 13335-1:2004 - Information technology -- Security techniques -- Management of information and communications technology security -- Part 1: Concepts and models for information and communications technology security management |
Source reference: | http://www.iso.org/iso/en/ (Note: this is a reference to the ISO page where the standard can be acquired. However, the standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted). |
Topic: | Standard containing generally accepted descriptions of concepts and models for information and communications technology security management. |
Direct / indirect relevance | Direct. The text is a direct resource for the implementation of security management. |
Scope: | Not publicly available ISO standard, which can be voluntarily implemented. |
Legal force: | Nonbinding ISO standard. |
Affected sectors: | Generic. The standard can be implemented in any sector confronted by technology security management. |
Relevant provision(s): | The standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted. |
Relevance to RM/RA: | The standard is a commonly used code of practice, and serves as a resource for the implementation of security management practices and as a yardstick for auditing such practices. (See also http://csrc.nist.gov/publications/secpubs/otherpubs/reviso-faq.pdf) |
Browse the Topics