SS-ISO/IEC-27036-2 › Information technology - Security techniques - Information security for supplier relationships - Part 2: Requirements (ISO 27036-2:2014, IDT)
The following bibliographic material is provided to assist you with your purchasing decision:
This part of ISO/IEC 27036 specifies fundamental information security requirements for defining, implementing, operating, monitoring, reviewing, maintaining and improving supplier and acquirer relationships.These requirements cover any procurement and supply of products and services, such as manufacturing or assembly, business process procurement, software and hardware components, knowledge process procurement, Build-Operate-Transfer and cloud computing services.These requirements are intended to be applicable to all organizations, regardless of type, size and nature.To meet these requirements, an organization should have already internally implemented a number of foundational processes, or be actively planning to do so. These processes include, but are not limited to, the following: governance, business management, risk management, operational and human resources management, and information security.
To find similar documents by classification:
33.040.40 (Data communication networks Including Packet Switched Public Data Networks (PSPDN) and Ethernet ISDN, see 33.080 OSI local, wide and metropolitan area networks, see 35.110 Modems, see 35.180)
This document comes with our free Notification Service, good for the life of the document.
This document is available in either Paper or PDF format.
Sept. 17, 2014