M00017788
New product
ISO/IEC DIS 27036-2 2013 Edition, January 17, 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY FOR SUPPLIER RELATIONSHIPS - PART 2: COMMON REQUIREMENTS
In stock
Warning: Last items in stock!
Availability date: 07/14/2021
Description / Abstract:
This part of ISO/IEC 27036 specifies fundamental information
security requirements for defining, implementing, operating,
monitoring, reviewing, maintaining and improving supplier and
acquirer relationships.
These requirements cover any procurement and supply of products
and services, such as manufacturing or assembly, business process
procurement, software and hardware components, knowledge process
procurement, Build-Operate-Transfer and cloud computing
services.
These requirements are intended to be applicable to all
organisations, regardless of type, size and nature.
To meet these requirements, an organisation should have already
internally implemented a number of foundational processes, or be
actively planning to do so.These processes include, but are not
limited to, the following: governance, business management,
operational and human resources management, and information
security.
NOTE The user of this document needs to correctly interpret each
of the forms of the expression of provisions (e.g. "shall", "shall
not", "should" and "should not") as being either requirements to be
satisfied and/or recommendations where there is a certain freedom
of choice. ISO/IEC 27000 Annex A should be consulted for further
clarification.