MODUK DEF STAN 05-139 PDF

Name:
MODUK DEF STAN 05-139 PDF

Published Date:
06/28/2023

Status:
[ Active ]

Description:

Cyber Security and Resilience of Products, Systems and Services

Publisher:
British Defence Standards

Format:
Electronic (PDF)


Purpose

This Defence Standard defines the cyber security and resilience requirements in respect of all Products, Systems and/or Services (PSS) procured by the MOD other than those that are outside of the MOD Digital Enterprise[1]. This is distinct from, yet complementary to, the requirements for risk management of MOD Identifiable Information (MODII) through the supply chain, as covered in DefStan 05-138.

The purpose of this standard is to provide a standing set of cyber security and resilience requirements for PSS to be procured by MOD - referred to as acquisition items.

Whilst the initial application of this standard is within the contract between MOD and their suppliers (of PSS), it can also be used to support the articulation of requirements that may cascade down the supply chain, e.g., supplier to MOD stipulating requirements on their own suppliers.

The requirements within this standard are selected by the acquiring authority, based upon a categorisation process (covered in clause 3) and can be tailored by that acquiring authority to suit the specific acquisition context.

This standard is applicable throughout the acquisition lifecycle, including but not constrained to the following:

a. Providing MOD with early assurance (pre-contract award) that potential materiel suppliers are trustworthy and capable of delivering the intended acquisition scope, e.g., as part of a Suitability Assessment Questionnaire (SAQ[2]) or as part of a Pre-Qualification Questionnaire (PQQ).

b. Providing potential suppliers with a framework within which early assurances can be offered in support of an intention to bid for a MOD acquisition.

c. Providing a framework for the structure of a security case, demonstrating an appropriate and proportionate cyber security and resilience approach and supporting the acceptance of an acquisition item into service.

d. The maintenance of the cyber security and resilience of the PSS in service.

e. Disposal.

[1] The scope of this standard includes but is not limited to networks, applications, services, information technology, operational technology, platforms and weapons systems containing electronic and digital components.

[2] This is referring to an acquisition questionnaire used by MOD and not the Supplier Assurance Questionnaire referenced in DefStan 05-138.


Edition : I1
File Size : 1 file , 1.7 MB
Number of Pages : 49
Published : 06/28/2023
