What is BS EN ISO 24373:2010 ?

What is BS EN ISO 24373:2010 and EN ISO 27346:2011?

BS EN ISO 24373:2010 and EN ISO 27346:2011 are both professional technical standards that focus on the requirements for the management of information technology infrastructure. EN ISO 24373:2010 provides a framework and guidelines for organizations to effectively manage their IT infrastructure in order to ensure smooth operations and maintain high levels of security. On the other hand, EN ISO 27346:2011 aims to assist organizations in establishing, implementing, maintaining, and continually improving their IT infrastructure.

Key Principles of EN ISO 24373:2010

The main purpose of EN ISO 24373:2010 is to provide a framework for the management of information technology infrastructure that aligns with the ISO/IEC 27001 standard. It provides guidelines for organizations to establish, implement, maintain, and continually improve their IT infrastructure. The standard emphasizes the importance of risk management and outlines the key components of a risk management framework.

Key Components of EN ISO 24373:2010

EN ISO 24373:2010 provides a comprehensive framework for managing information technology infrastructure. The standard consists of five key components:

The management system: This component outlines the policies and procedures that define the organization's approach to managing its information technology infrastructure.

The risk management framework: This component defines the key principles and procedures for identifying, assessing, and managing risks to the organization's information assets.

The control environment: This component defines the key elements of the organization's information technology infrastructure that are relevant to risk management, including hardware, software, and network devices.

The risk assessment: This component outlines the procedures for identifying and assessing the risks to the organization's information assets.

The risk management action plan: This component outlines the procedures for implementing and monitoring risk management actions.

EN ISO 24373:2010 is designed to help organizations establish, implement, maintain, and continually improve their information technology infrastructure in order to ensure the confidentiality, integrity, and availability of their information. By implementing the guidelines outlined in this standard, organizations can identify and address information security risks and protect their sensitive information assets.