Handlevagon 0
Standard

NS-ISO/IEC 27036-3:2023

Publisert
Forhåndsvisning

Rettelser og tillegg kjøpes separat.

Språk
Tjenester

Omfang

This document provides guidance for product and service acquirers, as well as suppliers of hardware, software and services, regarding: a) gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered hardware, software, and services supply chains; b) responding to risks stemming from this physically dispersed and multi-layered hardware, software, and services supply chain that can have an information security impact on the organizations using these products and services; c) integrating information security processes and practices into the system and software life cycle processes, as described in ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207, while supporting information security controls, as described in ISO/IEC 27002. This document does not include business continuity management/resiliency issues involved with the hardware, software, and services supply chain. ISO/IEC 27031 addresses information and communication technology readiness for business continuity.

Dokumentinformasjon

  • Standard fra SN
  • Publisert:
  • Utgave: 2
  • Versjon: 1
  • Varetype: NAT
  • Products.Specs.pages
  • ICS 35.030
  • National Committee SN/K 171

Produktrelasjon

Produkt livssyklus