Scope:
This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market).
This document explains how to:
— include requirements in addition to those in ISO/IEC 27001,
— refine or interpret any of the ISO/IEC 27001 requirements,
— include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,
— modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,
— add guidance to or modify the guidance of ISO/IEC 27002.
- General Information
- Preview
| Standard number | MS ISO/IEC 27009:2020 |
| Title and Sub-titles | Information technology - Security techniques - Sector specific application of ISO/IEC 27001 - Requirements |
| Status | Current |
| Replaces | MS ISO/IEC 27009:2016 |
| Replaced by | |
| Edition | Second |
| Technical Committee | MSB/TC 5 - Information Technology |
| ICS | 35.030 |
| Publication date | 2020/10/17 |
| Corrected version | |
| Government Notice No. | General Notice No. 1484 of 2020 |
| Number of Pages | 18 |
| Amendments/ Corrigendums | |
| Availability | Yes |
| Note |