Customer Service:
Mon - Fri: 8:30 am - 6 pm EST
Back
Standards PDF Cover Page preview

 Historical

ISO/IEC 27009:2020

Information security, cybersecurity and privacy protection - Sector-specific application of ISO/IEC 27001 - Requirements

This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market).

This document explains how to:

— include requirements in addition to those in ISO/IEC 27001,

— refine or interpret any of the ISO/IEC 27001 requirements,

— include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,

— modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,

— add guidance to or modify the guidance of ISO/IEC 27002.

This document specifies that additional or refined requirements do not invalidate the requirements in ISO/IEC 27001.

This document is applicable to those involved in producing sector-specific standards.

Available for Subscriptions Available in Packages

Content Provider
International Organization for Standardization [iso]

Others Also Bought

ISO/IEC 27001:2022
Information security, cybersecurity and privacy protection - Information security management systems - Require ...
Add to cart
Document History
Revises:
Included in Packages
This standard is also available in these packages:
Amendments & Corrections
We have no amendments or corrections for this standard.
ANSI Logo

As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.

Useful Links
CUSTOMER SERVICE
NEW YORK OFFICE
ANSI HEADQUARTERS
2024 © American National Standards Institute (ANSI) All Rights Reserved.