CAN/CSA-ISO/IEC 13335-1-05 (R2011) PDF

Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).

This Standard replaces CAN/CSA-ISO/IEC TR 13335-1-01 (adoption of ISO/IEC TR 13335-1:1996).

At the time of publication, ISO/IEC 13335-1:2004 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC.

1 Scope

ISO/IEC 13335 contains guidance on the management of ICT security. Part 1 of ISO/IEC 13335 presents the concepts and models fundamental to a basic understanding of ICT security, and addresses the general management issues that are essential to the successful planning, implementation and operation of ICT security.

It is not the intent of this International Standard to suggest a particular management approach to ICT security. Instead ISO/IEC 13335-1 contains a general discussion of useful concepts and models for the management of ICT security.

This material is general and applicable to many different styles of management and organizational environments. It is organized in a manner that allows the tailoring of the material to meet the needs of an organization and its specific management style.