Information technology - Security techniques - Sector-specific application of ISO/IEC 27001 - Requirements
ISO/IEC 27009:2016 defines the requirements for the use of ISO/IEC 27001 in any specific sector (field, application area or market sector). It explains how to include requirements additional to those in ISO/IEC 27001, how to refine any of the ISO/IEC 27001 requirements, and how to include controls or control sets in addition to ISO/IEC 27001:2013, Annex A.
It ensures that additional or refined requirements are not in conflict with the requirements in ISO/IEC 27001.
It is applicable to those involved in producing sector-specific standards that relate to ISO/IEC 27001.
|Publication type||International Standard|
|TC/SC||ISO/IEC JTC 1/SC 27 - IT security techniquesrss|
|ICS||03.100.70 - Management systems |
03.120.20 - Product and company certification. Conformity assessment
35.030 - IT Security
|File size||448 KB|
Share your publications
Learn how to share your publications with your colleagues, using networking options.
Our prices are in Swiss francs (CHF). The following credit cards are accepted: American express, Mastercard and Visa. Request a pro forma to pay by bank transfer.
Keep in touch
Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.
Contact customer services
Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 17:00 CET Monday to Friday.