Michele Moss, Booz Allen Hamilton - Build Security In
Michele Moss, Booz Allen Hamilton - Build Security In
Michele Moss, Booz Allen Hamilton - Build Security In
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Existing and Emerging Practices<br />
ISO/IEC 27036, <strong>In</strong>formation Technology – <strong>Security</strong> Techniques –<br />
<strong>In</strong>formation <strong>Security</strong> for Supplier Relationships<br />
• Addresses Acquirer and Supplier<br />
practices<br />
• Applies to all types of organizations<br />
e.g., commercial, public sector,<br />
non-profit and all types of supplier<br />
relationships that may have security<br />
implications<br />
• Harmonized with ISO standards for<br />
system/software engineering and<br />
information security<br />
• Parts 1-3 are currently Draft<br />
<strong>In</strong>ternational Standard, Part 4 is<br />
Working Draft<br />
Part 1 – Overview and Concepts<br />
Part 3 –<br />
Guidelines for<br />
ICT Supply<br />
Chain <strong>Security</strong><br />
Part 2 –Requirements<br />
Part 4 –<br />
Guidelines for<br />
<strong>Security</strong> of<br />
Cloud Services<br />
19<br />
© 2012 Utilities Telecom Council