El estado de las normas se codifica en base a unos acrónimos que ISO tiene identificados y que son:
- 1.PWI = Preliminary Work Item - initial feasibility and scoping activities
- 2.NP = New Proposal (or study period) - formal scoping phase
- 3.WD = Working Draft (1st WD, 2nd WD etc.) - development phase
- 4.CD = Committee Draft (1st CD, 2nd CD etc.)- quality control phase
- 5.FCD = Final Committee Draft - ready for final approval.
- 6.DIS = Draft International Standard - nearly there. Stage 40.
- 7.FDIS = Final Draft or Distribution International Standard - just about ready to publish. Stage 50.
- 8.IS = International Standard - published. Stage 60.
- 9. Under revisión. Stage 90.
Como podréis comprobar en la siguiente relación de normas, hay bastantes ya en el Stage 40 y 50 lo que indica que pronto pueden ver la luz. La situación actual del marco internacional de normas ISO 27000 es:
- ISO/IEC FCD 27000.
Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary. Stage:40.99 - ISO/IEC 27001:2005.
Information technology -- Security techniques -- Information security management systems -- Requirements. Stage:60.60 - ISO/IEC 27002:2005
Information technology -- Security techniques -- Code of practice for information security management. Stage:90.92 - ISO/IEC FCD 27003
Information technology -- Information security management system implementation guidance. Stage:40.20 - ISO/IEC FCD 27004.2
Information technology -- Security techniques -- Information security management -- Measurement. Stage:40.20 - ISO/IEC 27005:2008
Information technology -- Security techniques -- Information security risk management. Stage:60.60 - ISO/IEC 27006:2007
Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems. Stage:60.60 - ISO/IEC WD 27007
Guidelines for Information security management systems auditing. Stage:20.60 - ISO/IEC FDIS 27011
Information technology -- Information security management guidelines for telecommunications organizations based on ISO/IEC 27002. Stage:50.60 - ISO/IEC NP 27012
Information technology - Security techniques -- ISM guidelines for e-government services. Stage:10.99 - ISO/IEC NP 27032
Guidelines for cybersecurity. Stage:10.99 - ISO/IEC NP 27033
Information technology -- IT Network security.Stage:10.99 - ISO/IEC CD 27033-1
Information technology -- Security techniques -- IT network security -- Part 1: Guidelines for network security. Stage:30.60 - ISO/IEC WD 27033-2
Information technology -- Security techniques -- IT network security -- Part 2: Guidelines for the design and implementation of network security. Stage:20.60 - ISO/IEC WD 27033-3
Information technology -- Security techniques -- IT network security -- Part 3: Reference networking scenarios -- Risks, design techniques and control issues. Stage:20.60 - ISO/IEC NP 27033-4
Information technology -- Security techniques -- IT network security -- Part 4: Securing communications between networks using security gateways - Risks, design techniques and control issues. Stage:10.99 - ISO/IEC NP 27033-5
Information technology -- Security techniques -- IT network security -- Part 5: Securing Remote Access - Risks, design techniques and control issues. Stage:10.99 - ISO/IEC NP 27033-6
Information technology -- Security techniques -- IT network security -- Part 6: Securing communications across networks using Virtual Private Networks (VPNs) -- Risks, design techniques and control issues. Stage:10.99 - ISO/IEC NP 27033-7
Information technology -- Security techniques -- IT network security -- Part 7: Guidelines for securing (specific networking technology topic heading(s) to be inserted3) -- Risks, design techniques and control issues. Stage:10.99 - ISO/IEC NP 27034
Guidelines for application security. Stage:10.99 - ISO/IEC NP 27037
Information technology - Security techniques -- on Information security management: Sector to sector interworking and communications for industry and government . Stage:10.99
El detalle de los diferentes escalones dentro de cada nivel o stage lo podéis consultar en Stages ISO.
No hay comentarios:
Publicar un comentario