BS ISO/IEC 27036-3:2023 – TC
$217.84
Tracked Changes. Cybersecurity. Supplier relationships – Guidelines for information and communication technology supply chain security
| Published By | Publication Date | Number of Pages |
| BSI | 2023 | 110 |
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 68 | undefined |
| 73 | Foreword |
| 74 | Introduction |
| 75 | 1 Scope 2 Normative references 3 Terms and definitions |
| 76 | 4 Structure 5 Key concepts 5.1 Business case for hardware, software, and services supply chain security |
| 77 | 5.2 Hardware, software, and services supply chain risks and associated threats 5.3 Acquirer and supplier relationship types |
| 78 | 5.4 Organizational capability 5.5 System life cycle processes |
| 79 | 5.6 ISMS processes in relation to system life cycle processes |
| 80 | 5.7 ISMS controls in relation to hardware, software, and services supply chain security 5.8 Essential hardware, software, and services supply chain security practices |
| 81 | 6 Hardware, software, and services supply chain security in life cycle processes 6.1 Agreement processes 6.1.1 Acquisition process |
| 83 | 6.1.2 Supply process |
| 85 | 6.2 Organizational project-enabling processes 6.2.1 Life cycle model management process 6.2.2 Infrastructure management process |
| 86 | 6.2.3 Project portfolio management process 6.2.4 Human resource management process |
| 87 | 6.2.5 Quality management process 6.2.6 Knowledge management process 6.3 Technical management processes 6.3.1 Project planning process |
| 88 | 6.3.2 Project assessment and control process 6.3.3 Decision management process 6.3.4 Risk management process |
| 89 | 6.3.5 Configuration management process |
| 90 | 6.3.6 Information management process 6.3.7 Measurement process 6.3.8 Quality assurance process 6.4 Technical processes 6.4.1 Business or mission analysis process 6.4.2 Stakeholder needs and requirements definition process |
| 91 | 6.4.3 System requirements definition process |
| 92 | 6.4.4 System architecture definition process |
| 93 | 6.4.5 Design definition process 6.4.6 System analysis process 6.4.7 Implementation process |
| 94 | 6.4.8 Integration process 6.4.9 Verification process |
| 95 | 6.4.10 Transition process |
| 96 | 6.4.11 Validation process |
| 97 | 6.4.12 Operation process 6.4.13 Maintenance process |
| 98 | 6.4.14 Disposal process |
| 100 | Annex A (informative) Correspondence between the controls in ISO/IEC 27002 and this document |
| 103 | Annex B (informative) Essential elements of a software bill of materials |
| 108 | Bibliography |
Related products
-
BS ISO/IEC 27036-2:2022 – TC 2023
Tracked Changes. Cybersecurity. Supplier relationships – Requirements Published By Publication Date Number of Pages BSI…
-
BS ISO 27026:2023 – TC
Tracked Changes. Space systems. Programme management. Breakdown of project management structures Published By Publication Date…
-
BS ISO/IEC 27032:2023 – TC
Tracked Changes. Cybersecurity. Guidelines for Internet security Published By Publication Date Number of Pages BSI…
-
BS ISO/IEC 27036-1:2021 – TC
Tracked Changes. Cybersecurity. Supplier relationships – Overview and concepts Published By Publication Date Number of…
-
BS ISO/IEC 27006:2015 – TC:2020 Edition
Tracked Changes. Information technology. Security techniques. Requirements for bodies providing audit and certification of information…
-
BS ISO/IEC 27033-1:2015 – TC:2020 Edition
Tracked Changes. Information technology. Security techniques. Network security – Overview and concepts Published By Publication…
-
BS ISO 27306:2016 – TC:2020 Edition
Tracked Changes. Metallic materials. Method of constraint loss correction of CTOD fracture toughness for fracture…
-
BS ISO/IEC 27035-1:2023 – TC
Tracked Changes. Information technology. Information security incident management – Principles and process Published By Publication…
