标准编号:ISO/IEC 27009:2020
中文名称:信息安全、网络安全和隐私保护 ISO/IEC 27001的具体应用 要求
英文名称:Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements
发布日期:2020-04
标准范围
This document specifies the requirements for creating sector-specific standards that extend
ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain,
application area or market).
This document explains how to:
— include requirements in addition to those in ISO/IEC 27001,
— refine or interpret any of the ISO/IEC 27001 requirements,
— include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,
— modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,
— add guidance to or modify the guidance of ISO/IEC 27002.
This document specifies that additional or refined requirements do not invalidate the requirements in
ISO/IEC 27001.
This document is applicable to those involved in producing sector-specific standards.
立即下载标准文件