BSI 22/30437363 DC 2022

$13.70

BS ISO/IEC 27036-3. Cybersecurity. Supplier relationships – Part 3. Guidelines for information and communication technology supply chain security

Published By: BSI
Publication Date: 2022
Number of Pages: 49

PDF Catalog

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Structure of this standard
5 Key concepts
5.1 Business case for hardware, software, and services supply chain security
5.2 Hardware, software, and services supply chain risks and associated threats
5.3 Acquirer and supplier relationship types
5.4 Organizational capability
5.5 System life cycle processes
5.6 ISMS processes in relation to system life cycle processes
5.7 ISMS information security controls in relation to hardware, software, and services supply chain security
5.8 Essential hardware, software, and services supply chain security practices
6 Hardware, software, and services supply chain security in life cycle processes
6.1 Agreement processes
6.1.1 Acquisition process
6.1.2 Supply process
6.2 Organizational project-enabling processes
6.2.1 Life cycle model management process
6.2.2 Infrastructure management process
6.2.3 Project portfolio management process
6.2.4 Human resource management process
6.2.5 Quality management process
6.2.6 Knowledge management process
6.3 Technical management processes
6.3.1 Project planning process
6.3.2 Project assessment and control process
6.3.3 Decision management process
6.3.4 Risk management process
6.3.5 Configuration management process
6.3.6 Information management process
6.3.7 Measurement process
6.3.8 Quality assurance process
6.4 Technical processes
6.4.1 Business or mission analysis process
6.4.2 Stakeholder needs and requirements definition process
6.4.3 System requirements definition process
6.4.4 Architecture definition process
6.4.5 Design definition process
6.4.6 System analysis process
6.4.7 Implementation process
6.4.8 Integration process
6.4.9 Verification process
6.4.10 Transition process
6.4.11 Validation process
6.4.12 Operation process
6.4.13 Maintenance process
6.4.14 Disposal process
Annex A (informative) Summary of Supply and Acquisition Processes from ISO/IEC 15288 and ISO/IEC 12207
Annex B (informative) Correspondence between ISO/IEC 27002 controls and ISO/IEC 27036-3 subclauses
Annex C (informative) Essential elements of a software bill of materials (SBoM)
Bibliography