Reference number
ISO/IEC 27009:2020
© ISO 2024
ISO/IEC 27009:2020
Information security, cybersecurity and privacy protection — Sector-specific application of ISO/IEC 27001 — Requirements
Edition 2
2020-04
Withdrawn
Withdrawn (Edition 2, 2020)

Abstract

This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market).

This document explains how to:

— include requirements in addition to those in ISO/IEC 27001,

— refine or interpret any of the ISO/IEC 27001 requirements,

— include controls in addition to those of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,

— modify any of the controls of ISO/IEC 27001:2013, Annex A and ISO/IEC 27002,

— add guidance to or modify the guidance of ISO/IEC 27002.

This document specifies that additional or refined requirements do not invalidate the requirements in ISO/IEC 27001.

This document is applicable to those involved in producing sector-specific standards.

General information

  • Status
     : Withdrawn
    Publication date
     : 2020-04
    Stage
    : Withdrawal of International Standard [95.99]
  • Edition
     : 2
    Number of pages
     : 18
  • Technical Committee :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS updates

Life cycle

Got a question?

Check out our Help and Support

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 27009:2020