DIN Standards Committee Information Technology and IT Applications
DIN ISO/IEC 27009
Information technology - Security techniques - Sector-specific application of ISO/IEC 27001 - Requirements (ISO/IEC 27009:2016)
Informationstechnik - IT-Sicherheitsverfahren - Sektorspezifische Anwendung der ISO/IEC 27001 - Anforderungen (ISO/IEC 27009:2016)
Overview
DIN ISO/IEC 27009 provides guidance for the development of sector- or service-specific refinements of DIN ISO/IEC 27001. Since generic information security management according to DIN ISO/IEC 27001 does not reflect all the special features that shall be taken into account in some sectors, supplementary standards can be developed. To ensure that these standards are compatible with the generic ISMS according to ISO/IEC 27001, DIN ISO/IEC 27009 provides the corresponding guidance for creating such compatible supplementary standards.
Document: references other documents
Responsible national committee
NA 043-04-27-01 AK - Requirements, services and principles for IT Security management systems
Responsible international committee
ISO/IEC JTC 1/SC 27/WG 1 - Information security management systems