Information security, cybersecurity and privacy protection - Guidelines for applying ISO/IEC 27001 and related standards in support of cyber insurance
NORMA vydaná dňa 13.8.2019
Označenie normy: ISO/IEC 27102-ed.1.0
Dátum vydania normy: 13.8.2019
Počet strán: 18
Približná hmotnosť: 54 g (0.12 libier)
Krajina: Medzinárodná technická norma
Kategória: Technické normy ISO
This document provides guidelines when considering purchasing cyber-insurance as a risk treatment option to manage the impact of a cyber-incident within the organization’s information security risk management framework, as well as leveraging the organization’s ISMS when sharing relevant data and information with an insurer.
This document gives guidelines for:
a) considering the purchase of cyber insurance as a risk treatment option to share cyber risks;
b) leveraging cyber insurance to assist in managing the impact of a cyber incident;
c) sharing of data and information between the insured and an insurer to support underwriting, monitoring and claims activities associated with a cyber insurance policy;
d) leveraging an ISMS when sharing relevant data and information with an insurer. This document is applicable to organizations that intend to purchase cyber insurance, regardless of type, size or sector.