ISO & IEC

Question 1

ISO 9001:2015 Quality management systems

Answer 1

Standard for implementing and maintaining a quality management system.

Question 2

ISO/IEC 27000:2016 Information technology – Security techniques – Information security management systems – Overview and vocabulary

Answer 2

Provides an overview and common vocabulary for information security management systems (ISMS).

Question 3

ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems

Answer 3

Specifies the requirements for establishing, implementing, maintaining, and continually improving an ISMS.

Question 4

ISO/IEC 27002:2013 Information technology – Security techniques – Code of practice (CoP) for information security controls

Answer 4

Provides guidelines and best practices for implementing security controls based on the ISO/IEC 27001 requirements.

Question 5

ISO/IEC 27004:2016 Information technology – Security techniques – Information security management – Monitoring, measurement, analysis, and evaluation

Answer 5

Provides guidance on how to measure and assess the effectiveness of an organization’s information security management system.

Question 6

ISO/IEC 27005:2011 Information technology – Security techniques – Information Security Risk Management

Answer 6

Provides guidelines for establishing and maintaining a systematic approach to risk management in information security.

Question 7

ISO 31000:2009 Enterprise Risk Management – Principles and guidelines

Answer 7

Provides principles and guidelines for implementing a systematic and integrated approach to risk management in organizations.

Question 8

ISO/IEC 20000:2018 Information technology — Service management (ITIL)

Answer 8

Standard for managing IT service management systems and aligning them with business requirements.

Question 9

ISO 15408 Common Criteria

Answer 9

Provides a framework for evaluating the security of IT products and systems.

Question 10

ISO 15489 Information and documentation – Records management and retention of records

Answer 10

Provides guidance on records management and the retention of records.

Question 11

ISO 19011:2018 Guidelines for auditing management systems

Answer 11

Provides guidance on auditing various management systems, including information security management systems

Question 12

ISO 22301:2012 Societal security – Business continuity management systems – Requirements

Answer 12

Specifies the requirements for implementing a business continuity management system.

Question 13

ISO/IEC 27031:2011 Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity

Answer 13

Provides guidance on ensuring the readiness of information and communication technology for business continuity.

Question 14

ISO/IEC 17025 Testing and Calibration Laboratories

Answer 14

Standard for testing and calibration laboratories, including those in the field of digital forensics.

Question 15

ISO/IEC 27035 Information technology - Security techniques - Information security incident management

Answer 15

Provides guidance on managing information security incidents effectively.

Question 16

ISA99 Industrial Automation and Control Systems Security

Answer 16

Provides guidelines for securing industrial automation and control systems.

Question 17

ISA/IEC 62443 Series: Industrial automation and control systems

Answer 17

A series of standards addressing the security of industrial automation and control systems.