Reference number
ISO/IEC 27036-3:2023
International Standard
ISO/IEC 27036-3:2023
Cybersecurity — Supplier relationships — Part 3: Guidelines for hardware, software, and services supply chain security
Edition 2
2023-06
Preview
ISO/IEC 27036-3:2023
82890
недоступно на русском языке
Опубликовано (Версия 2, 2023)

ISO/IEC 27036-3:2023

ISO/IEC 27036-3:2023
82890
Язык
Формат
CHF 151
Пересчитать швейцарские франки (CHF) в ваша валюта

Тезис

This document provides guidance for product and service acquirers, as well as suppliers of hardware, software and services, regarding:

a)    gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered hardware, software, and services supply chains;

b)    responding to risks stemming from this physically dispersed and multi-layered hardware, software, and services supply chain that can have an information security impact on the organizations using these products and services;

c)    integrating information security processes and practices into the system and software life cycle processes, as described in ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207, while supporting information security controls, as described in ISO/IEC 27002.

This document does not include business continuity management/resiliency issues involved with the hardware, software, and services supply chain. ISO/IEC 27031 addresses information and communication technology readiness for business continuity.

Общая информация

  •  : Опубликовано
     : 2023-06
    : Опубликование международного стандарта [60.60]
  •  : 2
  • ISO/IEC JTC 1/SC 27
    35.030 
  • RSS обновления

Жизненный цикл

Появились вопросы?

Ознакомьтесь с FAQ