{"id":157,"date":"2024-01-20T17:22:36","date_gmt":"2024-01-20T17:22:36","guid":{"rendered":"http:\/\/localhost:9000\/?page_id=157"},"modified":"2024-01-20T17:22:36","modified_gmt":"2024-01-20T17:22:36","slug":"prehlad-standardov-iso-iec-27000","status":"publish","type":"page","link":"http:\/\/localhost:9000\/prehlad-standardov-iso-iec-27000","title":{"rendered":"Preh\u013ead \u0161tandardov ISO\/IEC 27000"},"content":{"rendered":"\n

The ISO/IEC 27000 series of standards are international standards for information security management derived from the British BS 7799 series of standards. This overview lists the names and designations of the individual standards together with a brief description of each. The standards themselves, or more information, can be obtained from the website of the International Organization for Standardization ISO.

Currently valid standards:

ISO/IEC 27000:2018

Information technology — Security techniques — Information security management systems — Overview and vocabulary

ISO/IEC 27000:2018 provides an overview of information security management systems (ISMS) and the basic terms and definitions commonly used in the 27000 series of standards. It is applicable to all types and sizes of organizations (government, commercial, non-profit).

ISO/IEC 27001:2013

Information technology — Security techniques — Information security management systems — Requirements

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and improving an ISMS within the context of the organization. It also includes requirements for the assessment and treatment of information security risks. The requirements of this standard are generic and applicable to all organizations regardless of their type, size and nature.

ISO/IEC 27002:2013

Information technology — Security techniques — Code of practice for information security controls

ISO/IEC 27002:2013 provides guidelines for organizational information security standards and information security management practices, including the selection, implementation and management of controls, taking into account the organization's information security risk environment. It is designed for organizations that intend:

  • to select controls within the process of implementing an ISMS based on ISO/IEC 27001,
  • to implement generally accepted information security controls,
  • to develop their own information security guidelines.

ISO/IEC 27003:2017

Information technology — Security techniques — Information security management system implementation — Guidance

ISO/IEC 27003:2017 focuses on the critical aspects of the successful design and implementation of an ISMS in accordance with ISO/IEC 27001:2013. It describes the process of ISMS specification and design from inception to the creation of an implementation plan.

ISO/IEC 27004:2016

Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation

ISO/IEC 27004:2016 provides guidance on the development and use of metrics and measurement to assess the effectiveness of an implemented ISMS and of the controls specified in ISO/IEC 27001.

ISO/IEC 27005:2018

Information technology — Security techniques — Information security risk management

ISO/IEC 27005:2018 provides guidance for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and is designed to support the implementation of information security based on risk management.

ISO/IEC 27006:2015

Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems

ISO/IEC 27006:2015 specifies requirements and provides guidance for organizations providing audit and certification of ISMS. The standard is primarily intended to support the accreditation of organizations providing ISMS certification.

ISO/IEC 27007:2020

Information technology — Security techniques — Guidelines for information security management systems auditing

ISO/IEC 27007:2017 provides guidance and requirements for managing an ISMS audit programme, conducting audits, and the competence of ISMS auditors.

ISO/IEC TS 27008:2019

Information technology — Security techniques — Guidelines for auditors on information security controls

ISO/IEC TS 27008:2019 provides guidance on reviewing and assessing the implementation and operation of controls, including the technical compliance of information security controls.

ISO/IEC 27009:2020

Information technology — Security techniques — Sector-specific application of ISO/IEC 27001 — Requirements

ISO/IEC 27009:2016 defines the requirements for the use of ISO/IEC 27001 in any specific sector (application area or market sector). It explains how to include requirements additional to those in ISO/IEC 27001, how to refine any of the requirements, and how to include controls or control sets in addition to ISO/IEC 27001. This international standard ensures that additional or refined requirements do not conflict with the requirements of ISO/IEC 27001. The target audience of this international standard is entities that produce sector-specific standards relating to ISO/IEC 27001.

ISO/IEC 27010:2015

Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications

ISO/IEC 27010:2015 provides guidance for implementing information security management within organizations that share information. It is applicable to all forms of exchange and sharing of sensitive information (public, private, national, international, within an industry, or between sectors).

ISO/IEC 27011:2016

Information technology — Security techniques — Information security management guidelines for telecommunications organizations based on ISO/IEC 27002

The aim of the ISO/IEC 27011:2016 guideline is to support the implementation of information security management in telecommunications organizations. Adopting this standard will enable telecommunications organizations to meet baseline requirements for availability, confidentiality and integrity.

ISO/IEC 27013:2015

Information technology — Security techniques — Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

ISO/IEC 27013:2015 provides guidance on the integrated implementation of ISO 27001 and ISO 20000-1 for organizations that intend:

  • to implement ISO 27001 after a previous implementation of ISO 20000-1, or vice versa,
  • to implement ISO 27001 and ISO 20000-1 simultaneously,
  • to integrate existing ISO 27001 and ISO 20000-1 management systems.

ISO/IEC 27014:2013

Information technology — Security techniques — Governance of information security

ISO/IEC 27014:2013 provides concepts and principles for the governance of information security, by which organizations can evaluate, coordinate, monitor and communicate activities related to information security.

ISO/IEC TR 27016:2014

Information technology — Security techniques — Information security management — Organizational economics

ISO/IEC TR 27016:2014 provides guidance for organizations on making decisions about protecting information and understanding the economic consequences of those decisions in the context of competing requirements for resources.

ISO/IEC 27017:2015

Information technology — Security techniques — Code of practice for information security controls for cloud computing services based on ISO/IEC 27002

ISO/IEC 27017:2015 is a code of practice that provides additional recommendations for implementing information security controls beyond what is given in ISO/IEC 27002, in the context of cloud computing. The standard advises both cloud service customers and cloud service providers, with the primary guidance given in each section.

ISO/IEC 27018:2019

Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors

ISO/IEC 27018:2014 establishes commonly accepted control objectives, controls and guidance for implementing measures to protect personally identifiable information (PII) in accordance with the privacy principles in ISO/IEC 29100 for public clouds.

ISO/IEC 27019:2017

Information technology — Security techniques — Information security management guidelines based on ISO/IEC 27002 for process controls systems specific to the energy utility industry

ISO/IEC TR 27019:2017 provides guidance based on ISO/IEC 27002 for applying information security management to the control and monitoring systems used in the energy industry.

ISO/IEC 27021:2017

Information technology — Security techniques — Competence requirements for information security management professionals

ISO/IEC 27021:2017 concerns the competences required or expected of professionals who manage an ISMS in accordance with ISO/IEC 27001, 27002, 27005 and 27007. The standard does not specify a personal certification or qualification scheme as such, but in effect serves as a reference for bodies that operate such schemes. The standard does not cover auditor competence.

ISO/IEC CD 27022

Information technology — Guidance on information security management system processes

In preparation.

ISO/IEC TR 27023:2015

Information technology — Security techniques — Mapping the revised editions of ISO/IEC 27001 and ISO/IEC 27002

ISO/IEC 27023:2015 maps or compares the 2013 editions of ISO/IEC 27001 and ISO/IEC 27002 with the previous editions, indicating where each original section ended up.

ISO/IEC 27030

Information technology — Security techniques — Guidelines for security and privacy in Internet of Things (IoT)

In preparation.

ISO/IEC 27031:2011

Information technology — Security techniques — Guidelines for information and communication technology readiness for business continuity

ISO/IEC 27031:2011 describes the concepts and principles of ICT readiness for business continuity and provides a framework of methods and processes for identifying and specifying all aspects (performance criteria, design and implementation) for improving an organization's ICT readiness to ensure business continuity.

ISO/IEC 27032:2012

Information technology — Security techniques — Guidelines for cybersecurity

ISO/IEC 27032:2012 provides guidance for improving the state of cybersecurity, describing the specific aspects of this activity and its dependencies on other security domains, such as:

  • information security,
  • network security,
  • internet security,
  • critical information infrastructure protection (CIIP).

ISO/IEC 27033-1:2015

Information technology — Security techniques — Network security — Part 1: Overview and concepts

ISO/IEC 27033-1:2015 provides an overview of network security and related definitions.

ISO/IEC 27033-2:2012

Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security

ISO/IEC 27033-2:2012 provides guidance for planning, designing, implementing and documenting network security in an organization.

ISO/IEC 27033-3:2010

Information technology — Security techniques — Network security — Part 3: Reference networking scenarios — Threats, design techniques and control issues

ISO/IEC 27033-3:2010 describes the threats, design techniques and control issues associated with reference network scenarios. For each scenario it provides detailed guidance on dealing with the security threats, control design techniques and controls to minimize the associated risks.

ISO/IEC 27033-4:2014

Information technology — Security techniques — Network security — Part 4: Securing communications between networks using security gateways

ISO/IEC 27033-4:2014 provides guidance for securing communications between networks using security gateways (firewall, application firewall, IPS) in accordance with a documented information security policy.

ISO/IEC 27033-5:2013

Information technology — Security techniques — Network security — Part 5: Securing communications across networks using Virtual Private Networks (VPNs)

ISO/IEC 27033-5:2013 provides guidance for the selection, implementation and monitoring of the technical controls needed to ensure network security using virtual private network (VPN) connections to interconnect networks and connect remote users to those networks.

ISO/IEC 27033-6:2016

Information technology — Security techniques — Network security — Part 6: Securing wireless IP network access

ISO/IEC 27033-6:2016 describes the threats, security requirements, security controls and design approaches for wireless networks. It is relevant to all personnel involved in the detailed planning, design and implementation of wireless network security (for example network architects and designers, network administrators and network security officers).

ISO/IEC 27034-1:2011

Information technology — Security techniques — Application security — Part 1: Overview and concepts

ISO/IEC 27034-1:2011 helps organizations integrate security into the processes used for managing applications. It provides an overview of application security and introduces the definitions, concepts, principles and processes related to application security.

ISO/IEC 27034-2:2015

Information technology — Security techniques — Application security — Part 2: Organization normative framework

ISO/IEC 27034-2:2015 explains the structure, relationships and interdependencies between the processes in the Organization Normative Framework (ONF), a set of policies, procedures, roles and tools related to application security. The aim of the standard is to guide organizations in designing, implementing, operating and auditing their ONF.

ISO/IEC 27034-3:2018

Information technology — Security techniques — Application security — Part 3: Application security management process

ISO/IEC 27034-3:2018 describes the application security management process, i.e. the overall security management process for each specific application used by an organization.

ISO/IEC 27034-4

Information technology — Security techniques — Application security — Part 4: Validation and verification

In preparation.

ISO/IEC 27034-5:2017

Information technology — Security techniques — Application security — Part 5: Protocols and application security control data structure

ISO/IEC 27034-5:2017 defines the Application Security Control (ASC) data structure, providing requirements, descriptions, graphical representations and XML schemas for the data model. The XML schema, based on ISO/TS 15000 Electronic business eXtensible Markup Language (ebXML), is intended as the standard interchange format for ASCs.

ISO/IEC 27034-5-1:2018

Information technology — Security techniques — Application security — Part 5-1: Protocols and application security control data structure, XML schemas

The ISO/IEC 27034-5-1:2018 XML schemas implement the minimal set of information requirements and essential attributes of ASCs, and the activities and roles of the application security life cycle reference model from Part 5.

ISO/IEC 27034-6:2016

Information technology — Security techniques — Application security — Part 6: Case studies

ISO/IEC 27034-6:2016 provides examples of how application security controls (ASCs) might be developed and documented, defining how information security is to be addressed during software development.

ISO/IEC 27034-7:2018

Information technology — Security techniques — Application security — Part 7: Application security assurance prediction framework

ISO/IEC 27034-7:2018 concerns a framework providing the assurance needed to place trust in the security controls of a computer program, for example when one program relies on another (e.g. a database management system, utility, operating system or companion program) to perform critical security functions (such as user authentication, logical access control or cryptography), or when an organization updates or patches a trusted program.

ISO/IEC 27035-1:2016

Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management

ISO/IEC 27035-1:2016 outlines the concepts and principles underpinning information security incident management and introduces the remaining parts of the standard. It describes the information security incident management process, which consists of five phases, and explains how to improve incident management.

ISO/IEC 27035-2:2016

Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response

ISO/IEC 27035-2:2016 concerns assurance that the organization is in fact prepared to respond appropriately to information security incidents that may yet occur. It addresses the rhetorical question “Are we ready to respond to an incident?” and promotes learning from incidents to improve things for the future. It covers the Plan and Prepare and Lessons Learned phases of the process laid out in Part 1, that is, its start and end.

ISO/IEC 27035-3

Information technology — Security techniques — Information security incident management — Part 3: Guidelines for incident response operations

In preparation.

ISO/IEC 27036-1:2014

Information technology — Security techniques — Information security for supplier relationships — Part 1: Overview and concepts

ISO/IEC 27036-1:2014 assists organizations in securing their information and information systems in the context of supplier relationships.

ISO/IEC 27036-2:2014

Information technology — Security techniques — Information security for supplier relationships — Part 2: Requirements

ISO/IEC 27036-2:2014 specifies fundamental information security requirements for defining, implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirer relationships.

ISO/IEC 27036-3:2013

Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security

ISO/IEC 27036-3:2013 provides guidance for suppliers and acquirers of ICT resources on:

  • gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered supply chains,
  • responding to risks stemming from the global ICT supply chain that may affect organizations using these ICT resources,
  • integrating information security processes into the life cycle of information systems and software.

ISO/IEC 27036-4:2016

Information technology — Security techniques — Information security for supplier relationships — Part 4: Guidelines for security of Cloud services

ISO/IEC 27036-4:2016 offers information security guidance for suppliers and customers of cloud services.

ISO/IEC 27037:2012

Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence

ISO/IEC 27037:2012 provides guidance for specific activities in handling digital evidence, namely the identification, collection, acquisition and preservation of potential digital evidence that may be of evidential value.

ISO/IEC 27038:2014

Information technology — Security techniques — Specification for digital redaction

ISO/IEC 27038:2014 specifies techniques for performing digital redaction of electronic documents. It also specifies requirements for software tools used to remove sensitive information from electronic documents being published, and methods for testing that such information has been securely removed.

ISO/IEC 27039:2015

Information technology — Security techniques — Selection, deployment and operations of intrusion detection systems (IDPS)

ISO/IEC 27039:2015 provides guidelines to assist organizations in preparing to deploy intrusion detection and/or prevention systems (IDPS). It mainly concerns the selection, deployment and operation of IDPS. It also provides the background information from which these guidelines are derived.

ISO/IEC 27040:2015

Information technology — Security techniques — Storage security

The aim of ISO/IEC 27040:2015 is to help organizations plan, design, document and implement storage media security and to identify and treat the associated information security risks. Its scope covers the security of devices and media, the security of management activities related to the devices and media, applications/services and end users, as well as the security of information transferred over the communication links associated with storage. The standard describes the risks associated with data storage and the controls to mitigate those risks.

ISO/IEC 27041:2015

Information technology — Security techniques — Guidance on assuring suitability and adequacy of incident investigative methods

ISO/IEC 27041:2015 provides guidance on mechanisms for ensuring that the methods and processes used in investigating information security incidents are “fit for purpose”. It covers best practice for defining requirements, describing methods, and providing evidence that implementations of the methods can be shown to satisfy the requirements.

ISO/IEC 27042:2015

Information technology — Security techniques — Guidelines for the analysis and interpretation of digital evidence

The ISO/IEC 27042:2015 standard offers guidance on the process of analysing and interpreting digital evidence, which is of course only one part of the forensic process. It lays out a general framework encompassing good practice in this area.

ISO/IEC 27043:2015

Information technology — Security techniques — Incident investigation principles and processes

ISO/IEC 27043:2015 provides guidelines based on idealized models for common incident investigation processes across various scenarios involving digital evidence. This includes processes from pre-incident preparation through to return, as well as any general advice and caveats on such processes.

ISO/IEC 27045

Information technology — Big data security and privacy — Processes

In preparation.

ISO/IEC 27046

Information technology — Big data security and privacy — Implementation guidelines

In preparation.

          ISO\/IEC 27050-1:2019<\/h3>\n\n\n\n

          Information technology — Security techniques — Electronic discovery —<\/em> Part 1: <\/em>Overview and concepts<\/em><\/strong><\/p>\n\n\n\n

          ISO\/IEC 27050-1:2016 provides an overview of eDiscovery; defines terms, concepts, processes, etc., such as electronically stored information; and introduces and defines the scope and context of this multi-part standard.<\/p>\n\n\n\n

          ISO\/IEC 27050-2:2018<\/h3>\n\n\n\n

          Information technology — Security techniques — Electronic discovery —<\/em> Part 2:<\/em> Guidance for governance and management of electronic discovery<\/em><\/strong><\/p>\n\n\n\n

          ISO\/IEC 27050-2:2018 guides management in identifying and treating information risks related to eDiscovery, e.g. by establishing and enforcing eDiscovery-related policies and by complying with the relevant (mostly legal) obligations and expectations.<\/p>\n\n\n\n

          ISO\/IEC 27050-3:2017<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Electronic discovery —<\/em> Part 3: <\/em>Code of practice for electronic discovery<\/em><\/strong><\/p>\n\n\n\n

          ISO\/IEC 27050-3:2017 identifies requirements and offers guidance on the identification of electronically stored information (ESI) and on its preservation, collection, processing, review, analysis and production.<\/p>\n\n\n\n

          ISO\/IEC 27050-4<\/h3>\n\n\n\n

          Information technology — Security techniques — Electronic discovery —<\/em> Part 4: Technical readiness<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27070<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Security requirements for establishing virtualized roots of trust<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27071<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Security recommendations for establishing trusted connection between device and service<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27099<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Public key infrastructure – Practices and policy framework<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 270100<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Cybersecurity \u2013 Overview and concepts<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 270101<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Cybersecurity framework development guidelines<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 270102:2019<\/h3>\n\n\n\n

          Information security management — Guidelines for cyber insurance<\/em><\/strong><\/p>\n\n\n\n

          The ISO\/IEC 270102:2019 standard provides guidelines for considering the purchase of cyber insurance as an option for reducing the impact of a cyber incident within the organization's information security risk management system. It is applicable to organizations of all types, sizes and nature, to assist in the planning and purchase of cyber insurance.<\/p>\n\n\n\n

          ISO\/IEC TR 270103:2018<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Cybersecurity and ISO and IEC standards<\/em><\/strong><\/p>\n\n\n\n

          ISO\/IEC 27034-3:2018 provides information on why a framework covering risks, priorities, flexibility and a focus on outcomes, together with a communications framework for cybersecurity, is important. It then describes the objectives of a strong cybersecurity framework and includes a mapping of existing standards that can be used to achieve these objectives.<\/p>\n\n\n\n

          ISO\/IEC WD 27402<\/h3>\n\n\n\n

          Cybersecurity — IoT security and p<\/em>rivacy — Device baseline requirements<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27550:2019<\/h3>\n\n\n\n

          Information technology — Security techniques — <\/em>Privacy engineering for system life cycle processes<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27551<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Requirements for attribute-based unlinkable entity authentication<\/em><\/strong><\/p>\n\n\n\n

          ISO\/IEC 27550:2019 provides guidelines on privacy protection, intended to help organizations integrate the latest privacy practices into their processes and systems. It describes the relationship between privacy engineering and other engineering viewpoints. It also describes knowledge management, risk management, requirements analysis and architecture design for privacy protection.<\/p>\n\n\n\n

          ISO\/IEC 27553<\/h3>\n\n\n\n

          Information technology — Security techniques —<\/em> Security requirements for authentication using biometrics on mobile devices<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27554<\/h3>\n\n\n\n

          Information technology — Security techniques — <\/em>Application of ISO 31000 for assessment of identity management-related risk<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27555<\/h3>\n\n\n\n

          Information security, cybersecurity and privacy protection —<\/em> Guidelines on personally identifiable information deletion<\/strong><\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27556<\/h3>\n\n\n\n

          Information technology —<\/em> User-centric framework for the handling of personally identifiable information (PII) based on privacy preferences<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27558<\/h3>\n\n\n\n

          Information technology —<\/em> Requirements for bodies providing audit and certification of privacy information management systems according to ISO\/IEC 27701 in combination with ISO\/IEC 27001<\/em><\/strong><\/p>\n\n\n\n

          In preparation.<\/p>\n\n\n\n

          ISO\/IEC 27701:2019<\/h3>\n\n\n\n

          Security techniques —<\/em> Extension to ISO\/IEC 27001 and ISO\/IEC 27002 for privacy information management – Requirements and guidelines<\/em><\/strong><\/p>\n\n\n\n

          ISO 27701:2019 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS) in the form of an extension to ISO\/IEC 27001 and ISO\/IEC 27002 for privacy management within the organization.<\/p>\n\n\n\n

          ISO 27799:2016<\/h3>\n\n\n\n

          Health informatics — Information security management in health using ISO\/IEC 27002<\/em><\/strong><\/p>\n\n\n\n

          ISO 27799:2016 provides guidance and support for interpreting and implementing ISO 27002 in healthcare organizations.<\/p>\n","protected":false},"excerpt":{"rendered":"

          The ISO\/IEC 27000 series of standards are international standards in the field of information security management, derived from the British BS 7799 series of standards. This…<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/157"}],"collection":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/comments?post=157"}],"version-history":[{"count":1,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/157\/revisions"}],"predecessor-version":[{"id":158,"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/pages\/157\/revisions\/158"}],"wp:attachment":[{"href":"http:\/\/localhost:9000\/wp-json\/wp\/v2\/media?parent=157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}