User:I62aysac/sandbox

ISO/IEC 27032
ISO/IEC 27032 is an information security standard in the ISO/IEC 27000 family of standards that covers the field of Cybersecurity. It was published in 2012 by ISO (International Organization for Standardization). This International Standard provides an overview of Cybersecurity, an explanation of the relationship between Cybersecurity and other types of security, a definition of stakeholders, and a framework that enables stakeholders to collaborate on resolving Cybersecurity issues.

ISO/IEC 27032:2012 provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity and its dependencies on other security domains, in particular:


 * Information security,
 * Network security,
 * Internet security, and
 * Critical information infrastructure protection (CIIP)

This standard will be replaced by ISO/IEC WD 27032, which is still under development.

Standard structure
The standard is organized into the following sections:
 * 1) Scope
 * 2) Applicability
 * 3) Normative references
 * 4) Terms and definitions
 * 5) Abbreviated terms
 * 6) Overview
 * 7) Stakeholders in the Cyberspace
 * 8) Assets in the Cyberspace
 * 9) Threats against the security of the Cyberspace
 * 10) Roles of stakeholders in Cybersecurity
 * 11) Guidelines of stakeholders
 * 12) Cybersecurity controls
 * 13) Framework of information sharing and coordination


 * Annex A Cybersecurity readiness
 * Annex B Additional resources
 * Annex C Examples of related documents

Main differences between ISO 27001 and ISO 27032
ISO/IEC 27032 is not a standard against which an organization can be certified; this is perhaps one of the most important differences from ISO/IEC 27001, which allows certification of an Information Security Management System (ISMS).

The two standards therefore have different objectives: ISO 27032 mainly aims to provide a guide for cybersecurity through specific recommendations, while ISO 27001 sets requirements for establishing an ISMS. The focus of ISO 27001 is the organization and its ISMS, while ISO 27032 focuses on cyberspace and is a framework for collaboration and for addressing issues in the different security domains of cyberspace.