British Standards Institution

Source:: ISO/IEC
Committee:: IST/33/1 - Information Security Management Systems
Categories:
Number of comments:: 1

Scope

This document provides guidance on the use and development of attributes aligned to ISO/IEC 27002:2022. This guidance set out in this document is generic and is intended to be applicable to all organizations, regardless of type, size, or nature.

Excluded from this standard are aspects of conformity assessment.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.

How important do you think standardization is in this area? *

Do you agree that a standard on this subject is feasible?: *

Please give reasons for your selections above: *

Would you or your organization use the standard? *

Would you or your organization be prepared to participate in the development of the standard or to comment on the draft when it is available? *

Are you aware of any regulation, existing standards and other good practice information in this area in the UK (e.g. Industry codes of practice; company specifications, international or European Standards)? *

Would the development of a standard(s) in this area have a particular impact/relevance to SME, consumer, environmental or societal interests? *

Are you aware of any other organizations to which this proposal may be relevant? If so please provide details below. *

Additional comments on the scope or proposal:

Although BSI will not usually enter into correspondence regarding individual comments or suggestions we may wish to contact you to seek further clarification. Please indicate whether this will be acceptable: *

Discard

Please email further comments to: debbie.stead@bsigroup.com

Standard timeline

1. Proposal (Complete)

Proposal start date:

2. Draft (Complete)

Draft start date:

12/11/2024

3. Public Comments

Public Comments start date:

24/01/2025

Public Comments end date:

10/03/2025

Learn more about the standards development process

Standards Development

BS EN ISO/IEC 27028 Information security, cyber security and privacy protection — Guidance on ISO/IEC 27002 attributes

Scope

Comment on proposal

Discard changes?

Submit comment

Submit comment

Follow standard

Unfollow standard

Error