prEN 18037
(Main)Guidelines on a sectoral cybersecurity assessment
Guidelines on a sectoral cybersecurity assessment
This document contains guidelines to be used in the process of drafting requirements of cybersecurity certification schemes for sectoral ICT services and systems. It includes all steps necessary to define, implement and maintain such requirements.
Leitlinien für ein sektorales Cybersecurity Assessment
Dieses Dokument legt einen Ansatz, der eine risikobasierte Identifizierung von Cybersecurity-, Zertifizierungs- und Vertrauenswürdigkeitsanforderungen von IKT-Produkten, -Prozessen und -Dienstleistungen für kom
plexe, sektorale Multi-Stakeholder-Systeme unterstützt, fest.
Der sektorale Cybersecurity-Assessment-Prozess beinhaltet alle zur Definition, Implementierung und Aufrechterhaltung dieser Anforderungen erforderlichen Schritte.
Cybersécurité et protection des données - Lignes directrices pour l'appréciation sectorielle de la cybersécurité
Le présent document spécifie une approche qui soutient une identification fondée sur les risques des exigences en matière de cybersécurité, de certification et d'assurance pour les produits, processus et services TIC des systèmes sectoriels complexes impliquant plusieurs parties prenantes.
Le processus d'appréciation sectorielle de la cybersécurité comprend toutes les étapes nécessaires pour définir, mettre en oeuvre et maintenir ces exigences.
Smernice za sektorsko oceno kibernetske varnosti
General Information
Standards Content (Sample)
SLOVENSKI STANDARD
oSIST prEN 18037:2024
01-februar-2024
Smernice za sektorsko oceno kibernetske varnosti
Guidelines on a sectoral cybersecurity assessment
Leitlinien für ein sektorales Cybersecurity Assessment
Cybersécurité et protection des données - Lignes directrices pour l'appréciation
sectorielle de la cybersécurité
Ta slovenski standard je istoveten z: prEN 18037
ICS:
35.030 Informacijska varnost IT Security
oSIST prEN 18037:2024 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.
---------------------- Page: 1 ----------------------
oSIST prEN 18037:2024
---------------------- Page: 2 ----------------------
oSIST prEN 18037:2024
EUROPEAN STANDARD DRAFT
prEN 18037
NORME EUROPÉENNE
EUROPÄISCHE NORM
November 2023
ICS
English version
Guidelines on a sectoral cybersecurity assessment
Leitlinien für ein sektorales Cybersecurity Assessment
This draft European Standard is submitted to CEN members for enquiry. It has been drawn up by the Technical Committee
CEN/CLC/JTC 13.
If this draft becomes a European Standard, CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal
Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any
alteration.
This draft European Standard was established by CEN and CENELEC in three official versions (English, French, German). A
version in any other language made by translation under the responsibility of a CEN and CENELEC member into its own language
and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium,
Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia,
Slovakia, Slovenia, Spain, Sweden, Switzerland, Türkiye and United Kingdom.
Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are
aware and to provide supporting documentation.Recipients of this draft are invited to submit, with their comments, notification
of any relevant patent rights of which they are aware and to provide supporting documentation.
Warning : This document is not a European Standard. It is distributed for review and comments. It is subject to change without
notice and shall not be referred to as a European Standard.
CEN-CENELEC Management Centre:
Rue de la Science 23, B-1040 Brussels
© 2023 CEN/CENELEC All rights of exploitation in any form and by any means
Ref. No. prEN 18037:2023 E
reserved worldwide for CEN national Members and for
CENELEC Members.
---------------------- Page: 3 ----------------------
oSIST prEN 18037:2024
prEN 18037:2023 (E)
Contents Page
European foreword . 4
Introduction . 5
1 Scope . 7
2 Normative references . 7
3 Terms and definitions . 7
3.1 General terms . 7
3.2 Terms related to organization . 8
3.3 Terms related to sectoral approach to cybersecurity . 9
3.4 Terms related to risk . 10
4 Abbreviations . 12
5 Sectoral Cybersecurity Assessment . 12
5.1 Application of the sectoral cybersecurity assessment methodology . 12
5.2 Principles and new capacities .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.