- European Union Cybersecurity Certification Framework
The EU Cybersecurity Act establishes an EU certification framework for ICT digital products, services and processes. The European cybersecurity certification framework enables the creation of tailored and risk-based EU certification schemes.
- ISO 22301:2019 – Business Continuity Management Systems
This document specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise
- ISO/IEC 27001:2022 – Information Security Management Systems – Requirements
ISO/IEC 27001:2022 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2022 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
- ISO/IEC 27031:2011 – Guidelines for Information and Communication Technology Readiness for Business Continuity
ISO/IEC 27031:2011 describes the concepts and principles of information and comunication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity
- ISO/IEC 27032:2012 – Guidelines for Cybersecurity
ISO/IEC 27032:2012 provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity and its dependencies on other security domains.
- ISO/IEC 27035-1:2016 – Part 1: Principles of incident management
ISO/IEC 27035-1:2016 is the foundation of this multipart International Standard. It presents basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.
- ISO/IEC 27035-2:2016 – Part 2: Guidelines to Plan and Prepare for Incident Response
ISO/IEC 27035-2:2016 provides the guidelines to plan and prepare for incident response. The guidelines are based on the "Plan and Prepare" phase and the "Lessons Learned" phase of the "Information security incident management phases" model presented in ISO/IEC 27035‑1