Category ISO Standards

A Strategic Framework for Managing Cyber Risk through Insurance ISO/IEC 27102: A Strategic Framework for Cyber Insurance ISO/IEC 27102 provides guidelines for information security management regarding cyber insurance. As cyber threats grow in frequency and sophistication, organizations increasingly turn to…

A comprehensive framework for cybersecurity and privacy protection in IoT ecosystems 1. Scope and Purpose of ISO/IEC 27400:2022 ISO/IEC 27400:2022 provides comprehensive guidelines for cybersecurity, privacy, and data protection in the Internet of Things (IoT) ecosystem. Published by ISO/IEC JTC…

Baseline security requirements for IoT devices and gateways with capability class framework 1. Overview of ISO/IEC 27402:2023 ISO/IEC 27402:2023 specifies baseline security requirements for IoT devices and IoT gateways. Unlike the guideline-level 27400, this standard defines concrete, auditable requirements organised…

Preparing Your Organization for Legally Defensible Electronic Discovery Introduction: The Imperative for E-Discovery Readiness ISO/IEC 27050-4 addresses a critical operational capability for modern organizations: ICT readiness for electronic discovery. When litigation, regulatory investigation, or internal audit triggers a legal hold…

Requirements for establishing trust frameworks for identity management and digital services ISO/IEC 27070:2021 specifies requirements for establishing trust frameworks that enable interoperable identity management and secure digital services across organizational and national boundaries. A trust framework is a standardized set…

Building a Foundation of Trust in the Internet of Things Era Introduction: Trust in a Hyperconnected World ISO/IEC 27071 addresses one of the most pressing security challenges of the connected era: establishing trusted connections between devices and services. As the…

A Modern Framework for PKI Governance and Certificate Lifecycle Management Introduction: The Evolving Landscape of PKI Governance ISO/IEC 27099 establishes a comprehensive framework for public key infrastructure (PKI) policy and practice structuring. In an era where digital identities underpin everything…

Foundational Concepts and Terminology for Electronic Discovery (eDiscovery) ISO/IEC 27050-1:2019 serves as the foundational document for the ISO/IEC 27050 series on electronic discovery, providing essential concepts, terminology, and an overview of the eDiscovery landscape. As legal and regulatory frameworks increasingly…

Establishing Effective ESI Governance Programs for Electronic Discovery ISO/IEC 27050-2:2018 builds on the foundational concepts established in Part 1 to provide detailed guidance on the governance of electronically stored information (ESI) for electronic discovery purposes. Effective governance is the cornerstone…

Operational Best Practices and Code of Practice for Electronic Discovery ISO/IEC 27050-3:2020 represents the operational heart of the ISO/IEC 27050 series, providing a comprehensive code of practice for the day-to-day activities involved in electronic discovery. Where Part 1 provides concepts…