- Name:
- ISO/IEC 27013
- Titel (Deutsch):
- Informationssicherheit, Cybersicherheit und Datenschutz - Leitfaden für die integrierte Einführung von ISO/IEC 27001 und ISO/IEC 20000-1
- Titel (Englisch):
- Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
- letzte Aktualisierung:
- :2021-11
- letzte Aktualisierung:
- 01.11.2021
- Seiten:
- 60
- Link (Herausgeber):
- https://www.beuth.de/de/norm/iso-iec-27013/348647003
Systematik
Beschreibung
Hinweis: Verweis auf ISO/IEC 27013 DAM 1:2023-09 - Entwurf - Änderung 1 (Link zum Herausgeber)
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Overview of and
Understanding and
concepts
concepts
Similarities and differences
5 Approaches for integrated implementation
General
Considerations of scope
Pre-implementation scenarios
General
Neither standard is currently used as the basis for a management system
The management system fulfils the requirements of one of the standards
Separate management systems exist which fulfil the requirements of each standard
6 Integrated implementation considerations
General
Potential challenges
Requirements and controls
Assets and configuration items
Service design and transition
Risk assessment and management
Risk and other parties
Incident management
Problem management
Gathering of evidence
Major incident management
Classification and escalation of incidents
Change management
Potential gains
Service level management and reporting
Management commitment and continual improvement
Capacity management
Management of third parties and related risk
Continuity and availability management
Release and deployment management