Abstract
ISO/IEC 27009:2016 defines the requirements for the use of ISO/IEC 27001 in any specific sector (field, application area or market sector). It explains how to include requirements additional to those in ISO/IEC 27001, how to refine any of the ISO/IEC 27001 requirements, and how to include controls or control sets in addition to ISO/IEC 27001:2013, Annex A.
It ensures that additional or refined requirements are not in conflict with the requirements in ISO/IEC 27001.
It is applicable to those involved in producing sector-specific standards that relate to ISO/IEC 27001.
-
Status: WithdrawnPublication date: 2016-06
-
Edition: 1Number of pages: 9
-
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
-
- ICS :
- 35.030 IT Security
This may also interest you
News
With cyber threats on the rise putting businesses and industries at risk, it is more important than ever that organizations protect their information and that of their customers. It is no surprise, then, …
Got a question?
Check out our FAQs
Customer care
+41 22 749 08 88
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information.