标准编号:ISO/IEC 27036-2:2014
中文名称:信息技术 安全技术 供应商关系的信息安全 第2部分:要求
英文名称:Information technology — Security techniques — Information security for supplier relationships — Part 2: Requirements
发布日期:2014-08
标准范围
This part of ISO/IEC 27036 specifies fundamental information security requirements for defining,implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirerrelationships.These requirements cover any procurement and supply of products and services, such as manufacturingor assembly, business process procurement, software and hardware components, knowledge processprocurement, Build-Operate-Transfer and cloud computing services.These requirements are intended to be applicable to all organizations, regardless of type, size andnature.To meet these requirements, an organization should have already internally implemented a number offoundational processes, or be actively planning to do so. These processes include, but are not limited to,the following: governance, business management, risk management, operational and human resourcesmanagement, and information security.
标准预览图
立即下载标准文件