ISOR:Clouddiensten - Tabel Internationale standaarden

Uit NORA Online
Ga naar: navigatie, zoeken
Dit is een tabel bij BIO Thema-uitwerking Clouddiensten

Deze tabel behoort bij versie 1.0 en 1.1. In versie 2.0 is de tabel komen te vervallen.

Eigenaar Documentnaam Referentie Versie
BSI
Bundesamt für Sicherheit in der Informationstechnik www.bsi.bund.de/DE/Home/home_node.html
Cloud ComputingCompliance Controls Catalogue (C5)
Criteria to assess the information security of cloud services
www.bsi.bund.de/C5
BSI C5 Feb. 2016
IT-Grundschutz
BSI Standard 200-1 Information Security management System (ISMS)
BSI Standard 200-2 IT Grundschutz Methodology
BSI-Standard 200-3 Risk Analysis based on IT-Grundschutz
BSI Standard 200-4 Business Continuity Management (BCM)
www.bsi.bund.de/DE/Themen/ITGrundschutz/ITGrundschutzKataloge/itgrundschutzkataloge_node.html
BSI ITG 2013
CSA
Cloud Security Alliance
https://cloudsecurityalliance.org
Cloud Controls Matrix (CCM)
NB: laatste versie is 3.0.1
CSA CCM 1.01
Okt. 2010
ISA
International Society of Automation
www.isa.org
ISA-62443-2-1-2009
Security for Industrial Automation and Control Systems: Establishing anIndustrial Automation and Control Systems Security Program
www.isa.org/templates/one-column.aspx?pageid=111294&productId=116731
ISA-62443-2-1 2009
ISO
International Organization for Standardization
www.iso.org/home.html
ISO/IEC 17788:2014
Information technology - Cloud computing - Overview and vocabulary
www.iso.org/standard/60544.html
ISO17788 2014
ISO/IEC 17789:2014
Information technology - Cloud computing - Reference architecture
www.iso.org/standard/60545.html
ISO17789 2014
ISO/IEC 17826:2016
Information technology - Cloud Data Management Interface (CDMI)
www.iso.org/standard/70226.html
ISO17826 2016
ISO/IEC 18033-1:2015
Information technology - Security techniques - Encryption algorithms - Part 1: General
www.iso.org/standard/54530.html
ISO18033-1 2015
ISO/IEC 18033-2:2006
Information technology - Security techniques - Encryption algorithms - Part 2: Asymmetric ciphers
www.iso.org/standard/37971.html
ISO18033-2 2006
ISO/IEC 19941:2017
Information technology - Cloud computing - Interoperability and portability
www.iso.org/standard/66639.html
ISO19941 2017
ISO/IEC 27003:2017
Information technology - Security techniques - Information securitymanagement systems – Guidance
www.iso.org/standard/63417.html
ISO27003 2017
ISO/IEC 27005:2018
Information technology - Security techniques - Information security riskmanagement
www.iso.org/standard/75281.html
ISO27005 2011
ISO/IEC 27017:2015
Information technology - Security techniques - Code of practice forinformation security controls based on ISO/IEC 27002 for cloud services
www.iso.org/standard/43757.html
ISO27017 2015
ISO/IEC 27018:2019
Information technology — Security techniques - Code of practice forprotection of personally identifiable information (PII) in public cloud sacting as PII processors
www.iso.org/standard/76559.html
ISO27018 2019
ISO/IEC27036-1:2014
Information technology - Security techniques - Information security forsupplier relationships - Part 1: Overview and concepts
www.iso.org/standard/59648.html
ISO27036-1 2014
ISF
Information Security Forum
www.securityforum.org
Standard of GoodPractice
Standard of Good Practice for Information Security 2018
www.securityforum.org/uploads/2016/07/SoGP-2016-Exec-Summary-FINAL-260716.pdf
SoGP 2017
itSMF
https://itsmfuk.site-ym.com
ITIL 3
ITIL 3 Foundation Handbook (print version - pack of 10)
https://itsmfuk.site-ym.com/store/ViewProduct.aspx?id=13263525
ITIL 3 3
ITU
International Telecommunication Union
www.itu.in
ITU-T FG-Cloud TR
Focus Group on Cloud Computing (FG Cloud Technical Report)
Part 1: Introduction to the cloud ecosystem: definitions, taxonomies, usecases and highlevel requirement
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P1-PDF-E.pdf
Part 2: Functional requirements and referencearchitecture
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P2-PDF-E.pdf
Part 3: Requirements and framework architecture ofcloud infrastructure
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P3-PDF-E.pdf
Part 4: Cloud Resource Management Gap Analysis
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P4-PDF-E.pdf
Part 5: Cloud security
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P5-PDF-E.pdf
Part 6: Overview of SDOs involved in cloud computing
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P6-PDF-E.pdf
Part 7: Cloud computing benefits fromtelecommunication and ICT perspective
www.itu.int/dms_pub/itu-t/opb/fg/T-FG-CLOUD-2012-P7-PDF-E.pdf
ITU-T FG Cloud Px 1.0
2012
NIST
National Institute of Standards and Technology (U.S. Department of Commerce)
www.nist.gov
Meerdere standards
www.nist.gov/services-resources/standards-and-measurements
NIST
Teletrust
(Bundesverband IT-Sicherheit e.V)
www.teletrust.de
Richtlijn State of the art in IT Security (Stand der Technik in der IT-Sicherheit)
https://www.teletrust.de/fileadmin/docs/fachgruppen/2019-06_TeleTrusT_Richtlijn_State_of_the_art_in_IT_security_NLD.pdf
SotA 2019
Overzicht internationale standaarden