ISO/IEC 27004:2009
Information technology -- Security techniques -- Information security management -- Measurement
Abstract
ISO/IEC 27004:2009 provides guidance on the development and use of measures and
measurement in order to assess the effectiveness of an implemented information security
management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.
ISO/IEC 27004:2009 is applicable to all types and sizes of organization.
ISO/IEC 17799:2005
Information technology -- Security techniques -- Code of practice for information security
management
Abstract
ISO/IEC 17799:2005 establishes guidelines and general principles for initiating, implementing,
maintaining, and improving information security management in an organization. The objectives
outlined provide general guidance on the commonly accepted goals of information security
management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the
following areas of information security management:
security policy;
organization of information security;
asset management;
human resources security;
physical and environmental security;
communications and operations management;
access control;
information systems acquisition, development and maintenance;
information security incident management;
business continuity management;
compliance.
The control objectives and controls in ISO/IEC 17799:2005 are intended to be implemented to
meet the requirements identified by a risk assessment. ISO/IEC 17799:2005 is intended as a
common basis and practical guideline for developing organizational security standards and
effective security management practices, and to help build confidence in inter-organizational
activities.
ISO/IEC 27001:2013
Information technology -- Security techniques -- Information security management systems -- Requirements
Abstract
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and
continually improving an information security management system within the context of the
organization. It also includes requirements for the assessment and treatment of information
security risks tailored to the needs of the organization. The requirements set out in ISO/IEC
27001:2013 are generic and are intended to be applicable to all organizations, regardless of type,
size or nature.
ISO 5807:1985
Information processing -- Documentation symbols and conventions for data, program and system
flowcharts, program network charts and system resources charts
Abstract
Defines symbols to be used in information processing documentation and gives guidance on
conventions for their use in data flowcharts, program flowcharts, system flowcharts, program
network charts, system resources charts. Applicable in conjunction with ISO 2382/1.
ISO 9001:2015
Quality management systems -- Requirements
Abstract
ISO 9001:2015 specifies requirements for a quality management system when an organization:
a) needs to demonstrate its ability to consistently provide products and services that meet
customer and applicable statutory and regulatory requirements, and
b) aims to enhance customer satisfaction through the effective application of the system, including
processes for improvement of the system and the assurance of conformity to customer and
applicable statutory and regulatory requirements.
All the requirements of ISO 9001:2015 are generic and are intended to be applicable to any
organization, regardless of its type or size, or the products and services it provides.
TIA/EIA-568
TIA/EIA-568 defines structured cabling system standards for commercial buildings, and between
buildings in campus environments. The bulk of the standards define cabling types, distances,