||PAS 555 offers a framework that defines the outcomes of good cyber security practice. It
extends beyond the technical aspects of cyber security to encompass physical and people
security aspects as well.
||The Cloud Security Alliance’s Cloud Controls Matrix (CCM) is a set of controls designed to
maximise the security of information for organisations that take advantage of Cloud
||ISO / IEC 27001 specifies a management system that is intended to bring information security
under management control and gives specific requirements. Organizations that meet the
requirements may be certified by an accredited certification body following successful
completion of an audit.
||ISO / IEC 27002 provides best practice recommendations on information security controls for
use by those responsible for initiating, implementing or maintaining information security
management systems (ISMS). Information security is defined within the standard in the
context of the C-I-A triad.
||Guidelines for cybersecurity
||ISO / IEC 27031 describes the concepts and principles of ICT readiness for business
continuity, and provides a framework of methods and processes to identify and specify all
aspects for improving an organization's ICT readiness to ensure business continuity.
||ISO 22301:2012 sets out the requirements for a business continuity management system (BCMS).
It specifies requirements to plan, establish, implement, operate, monitor,
review, maintain and continually improve a documented management system to protect against,
reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive
incidents when they arise.
||Standard of Good Practice (SoGP) and Cyber Resilience Framework
||COBIT (Control Objectives for Information and Related Technologies) is a leading framework
for the governance and management of enterprise IT.
|NIST - Cybersecurity Framework
||ISO 9001 is the international standard that sets out the criteria for a quality management
system (QMS). Based on seven quality management principles, the Standard will help you to
continually monitor and manage quality across all of your operations, as well as
benchmarking your organisation’s performance and service.
||ISO 20000 is the international IT service management (ITSM) standard that enables IT
organisations (whether in-house, outsourced or external) to ensure that their ITSM processes
are aligned both with the needs of the business and with international best practice.
||ISO 31000 is the International Standard for risk management. It provides principles and
practices for generic risk management that can be employed whatever the sector, type or
location of the organisation.
||ISO/IEC 27035 is the international Standard for incident management. Incident management
forms the crucial first stage of cyber resilience. While cyber security management systems
are designed to protect your organisation, it is essential to be prepared to respond quickly
and effectively when something does go wrong.