6. Differences between NIS2 and ISO/IEC 27001
ISO/IEC 27001 (2022) is an international standard that defines the requirements for establishing, implementing, maintaining and improving an information security management system (ISMS). It aims to guarantee the confidentiality, integrity and availability of an organization's information, based on 93 audit criteria. It enables organizations not only to demonstrate their commitment to information security, but also to reinforce the confidence of stakeholders, including customers and business partners. Figure 4 lists the ISO 27000 family of standards most widely used in all sectors.
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference
This article is included in
Environment
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Differences between NIS2 and ISO/IEC 27001
Bibliography
Standards and norms
- Information security, cybersecurity and privacy protection – Information security management systems – Requirements - ISO/IEC 27001 - 2022
- Information security, cybersecurity and privacy protection – Information security management systems – Requirements. Amendment 1: Action on climate change. - ISO/IEC 27001:2022/Amd 1 - 2024
- Information security, cybersecurity and privacy protection – Information security...
Regulations
(non-exhaustive list)
Directive (EU) 2022/2555 of the European Parliament and of the Council of December 14, 2022 on measures to ensure a common high level of cybersecurity throughout the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (SRI 2 Directive), OJEU L 333 of December 27, 2022.
Treaty on the Functioning of the European...
Directory
Organizations – Federations – Associations (non-exhaustive list)
ANSSI (Agence nationale de la sécurité des systèmes d'information) :
ENISA (European Union Agency for Cybersecurity) or AESRI (Agence de l'Union européenne pour la cybersécurité) :
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference