What is EN ISO 27013:2017?

EN ISO 27036-2:2018 is an essential standard for organizations that work with external suppliers. The purpose of this international standard is to provide guidelines for managing the risks associated with information security when engaging with these suppliers. It is part of the ISO/IEC 27000 series, which is a set of global standards for managing information security.

The standard is divided into two parts. EN ISO 27036-2:2018, which is the first part, provides general guidance on information security management for suppliers. It covers topics such as the management of risks, the selection of appropriate controls, and the documentation of information security management processes.

The second part of the standard, EN ISO 27036-2:2018, is focused specifically on the management of risks associated with information security in supplier relationships. It provides guidance on how organizations should assess and manage the risks associated with their third-party vendors and outsourcing processes.

How EN ISO 27013:2017 Can Help Organizations

The key aspect of EN ISO 27013:2017 is its ability to provide a proactive approach to information security management. It encourages organizations to identify and mitigate risks before they become a problem, rather than simply reacting to them.

EN ISO 27013:2017 also emphasizes the importance of continuous improvement in information security management systems. It encourages organizations to regularly review and update their security controls to ensure that they are effective in managing the risks associated with their information assets.

Conclusion

EN ISO 27015:2018 and EN ISO 27036-2:2018 are two important standards that can help organizations improve their information security management systems. By following the guidelines outlined in these standards, organizations can effectively manage risks, protect sensitive information, and strengthen their overall security posture.

