Résumé
This document provides guidelines when considering purchasing cyber-insurance as a risk treatment option to manage the impact of a cyber-incident within the organization’s information security risk management framework, as well as leveraging the organization’s ISMS when sharing relevant data and information with an insurer.
This document gives guidelines for:
a) considering the purchase of cyber insurance as a risk treatment option to share cyber risks;
b) leveraging cyber insurance to assist in managing the impact of a cyber incident;
c) sharing of data and information between the insured and an insurer to support underwriting, monitoring and claims activities associated with a cyber insurance policy;
d) leveraging an ISMS when sharing relevant data and information with an insurer.
This document is applicable to organizations that intend to purchase cyber insurance, regardless of type, size or sector.
Informations générales
-
État actuel: PubliéeDate de publication: 2019-08Stade: Norme internationale à réviser [90.92]
-
Edition: 1
-
Comité technique :ISO/IEC JTC 1/SC 27ICS :35.030
- RSS mises à jour
Cycle de vie
-
Actuellement
PubliéeISO/IEC 27102:2019
Les normes ISO sont réexaminées tous les cinq ans
Stade: 90.92 (Sera révisée) -
Sera remplacée par
ProjetISO/IEC WD 27102
