Information technology — Electronic discovery — Part 2: Guidance for governance and management of el...
This document provides guidance for technical and non-technical personnel at senior management levels within an organization, including those with responsibility for compliance with statutory and regulatory requirements, and industry standards.
It describes how such personnel can identify and take ownership of risks related to electronic discovery, set policy and achieve compliance with…
1 Scope
1.1
This Standard specifies the requirements for all types of welded aluminum construction with the exception of those types listed in Clause 1.2. Common requirements that are essential to all structures, including statically-loaded structures and cyclically-loaded structures, are included in this Standard.
1.2
This Standard is not intended to apply to pressure vessels or to…
Information technology — Security techniques — Information security for supplier relationships — Par...
1 Scope
This part of ISO/IEC 27036 specifies fundamental information security requirements for defining, implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirer relationships.
These requirements cover any procurement and supply of products and services, such as manufacturing or assembly, business process procurement, software and hardware components,…
Information technology — Security techniques — Guidelines for privacy impact assessment
1 Scope
This document gives guidelines for
— a process on privacy impact assessments, and
— a structure and content of a PIA report.
It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
This document is relevant to those involved in designing or implementing projects, including the…
Information technology — Security techniques — Code of practice for personally identifiable informat...
1 Scope
This Recommendation | International Standard establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into…
Information technology — Governance of IT — Governance of data — Part 1: Application of ISO/IEC 3850...
1 Scope
This document provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of data within their organizations by
— applying the governance principles and model of ISO/IEC 38500 to the governance of data,
— assuring stakeholders that, if the…
Information technology — Security techniques — Governance of information security
1 Scope
This Recommendation | International Standard provides guidance on concepts and principles for the governance of information security, by which organisations can evaluate, direct, monitor and communicate the information security related activities within the organisation.
This International Standard is applicable to all types and sizes of organisations
Information technology — Security techniques — Information security risk management
This document provides guidelines for information security risk management.
This document supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach.
Knowledge of the concepts, models, processes and terminologies described in ISO/IEC 27001 and ISO/IEC 27002 is important for a…