BSI PAS 555:2013
$84.94
Cyber security risk. Governance and management. Specification
Published By | Publication Date | Number of Pages |
---|---|---|
BSI | 2013 | 32 |
This PAS specifies a framework for the governance and management of cyber security risk.
The requirements of this PAS define the overall outcomes of effective cyber security, and include technical, physical, cultural and behavioural measures alongside effective leadership and governance.
While there are many standards and guidelines available that can help tackle cyber security risk, they tend to define good practice as to how elements of effective cyber security might be achieved. PAS 555 does not specify such processes or actions – it allows any organization to choose how it achieves the specified outcomes, whether that be through the adoption of other standards and management systems, such as BS ISO/IEC 27001, or through its own defined processes.
Since the PAS 555 framework defines the outcomes of effective cyber security, it is less likely to change over time, whereas the way in which the outcomes are achieved can change.
The PAS is intended for any organization that wishes to establish confidence in its cyber security governance and management. It is applicable to all organizations regardless of their size, type and the nature of their business.
PDF Catalog
PDF Pages | PDF Title |
---|---|
3 | Contents |
5 | Foreword |
6 | Executive summary |
8 | 0 Introduction |
9 | 1 Scope; 2 Terms and definitions |
12 | 3 Management structure; 4 Commitment to a cyber security culture; 5 Security context; 6 Business architecture strategy; 7 Capability development strategy; 8 Supplier and partner strategy; 9 Technology strategy; 10 Business resilience; 11 Compliance with legislation and other standards |
13 | 12 Risk assessment (12.1 General; 12.2 Asset management; 12.3 Threat assessment; 12.4 Vulnerability assessment); 13 Protection and mitigation (13.1 People security; 13.2 Physical security; 13.3 Technical security; 13.4 Resilience preparedness) |
14 | 14 Detection and response (14.1 External awareness; 14.2 Internal monitoring; 14.3 Protective monitoring; 14.4 Cyber security incident management); 15 Recovery (15.1 Investigation; 15.2 Data integrity reassurance; 15.3 Business-as-usual restoration; 15.4 Legal process); 16 Compliance analysis and continual improvement |
15 | Annex A (informative) Achieving compliance with PAS 555 |
21 | Annex B (informative) PAS 555 application scenarios |
22 | Annex C (informative) Sample supplier/partner cyber security competence assessment report |
27 | Bibliography |