Customer Support: +1 416-401-8730

Login to i2i Subscription Intertek.com
  • There are no items in your cart
Please enter a keyword to search
Advanced search

INCITS/ISO/IEC 27040 : 2017

Current
Current

The latest, up-to-date edition.

INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - STORAGE SECURITY
Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

01-01-2017

Publisher

Information Technology Industry Council

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 symbols and abbreviated terms
5 Overview and concepts
6 supporting controls
7 Guidelines for the design and implementation
  of storage security
Annex A (normative) - Media sanitization
Annex B (informative) - Selecting appropriate
        storage security controls
Annex C (informative) - Important security concepts
Bibliography

Gives detailed technical guidance on how organizations can define an appropriate level of risk mitigation by employing a well-proven and consistent approach to the planning, design, documentation, and implementation of data storage security.

DocumentType
Standard
Pages
120
PublisherName
Information Technology Industry Council
Status
Current

Standards Relationship
ISO/IEC 27040:2015 Identical

ISO/IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements
ANSI INCITS 400 : 2004 INFORMATION TECHNOLOGY - SCSI OBJECT-BASED STORAGE DEVICE COMMANDS (OSD)
ISO/IEC 27003:2017 Information technology — Security techniques — Information security management systems — Guidance
ISO/TR 10255:2009 Document management applications Optical disk storage technology, management and standards
ISO/IEC 27037:2012 Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence
ISO/IEC 27031:2011 Information technology Security techniques Guidelines for information and communication technology readiness for business continuity
ISO/IEC/IEEE 24765:2017 Systems and software engineering — Vocabulary
ISO/IEC 27033-1:2015 Information technology Security techniques Network security Part 1: Overview and concepts
ISO/IEC 19790:2012 Information technology Security techniques Security requirements for cryptographic modules
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
ISO 16175-2:2011 Information and documentation Principles and functional requirements for records in electronic office environments Part 2: Guidelines and functional requirements for digital records management systems
ISO/TR 18492:2005 Long-term preservation of electronic document-based information
ANSI INCITS 482 : 2012 INFORMATION TECHNOLOGY - ATA/ATAPI COMMAND SET - 2 (ACS-2)
IEEE 1619-2007 IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices
ISO/IEC 17826:2016 Information technology Cloud Data Management Interface (CDMI)
ISO 7498-2:1989 Information processing systems Open Systems Interconnection Basic Reference Model Part 2: Security Architecture
ISO 16175-3:2010 Information and documentation Principles and functional requirements for records in electronic office environments Part 3: Guidelines and functional requirements for records in business systems
IEEE 1619.1-2007 IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices
ANSI INCITS 458 : 2011 INFORMATION TECHNOLOGY - SCSI OBJECT-BASED STORAGE DEVICE COMMANDS - 2 (OSD-2)
ANSI INCITS 496 : 2012 INFORMATION TECHNOLOGY - FIBRE CHANNEL - SECURITY PROTOCOLS - 2 (FC-SP-2)
ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
ANSI INCITS 512 : 2015 INFORMATION TECHNOLOGY - FIBRE CHANNEL - PHYSICAL INTERFACE-6 (FC-PI-6)
ANSI INCITS 470 : 2011(R2016) INFORMATION TECHNOLOGY - FIBRE CHANNEL - FRAMING AND SIGNALING - 3 (FC-FS-3)
ISO/IEC 24775:2011 Information technology Storage management
ISO/IEC 24759:2017 Information technology Security techniques Test requirements for cryptographic modules
ISO/IEC 14776-372:2011 Information technology Small Computer System Interface (SCSI) Part 372: SCSI Enclosure Services - 2 (SES-2)
ISO/IEC 27033-3:2010 Information technology — Security techniques — Network security — Part 3: Reference networking scenarios — Threats, design techniques and control issues
ISO/IEC 27033-2:2012 Information technology — Security techniques — Network security — Part 2: Guidelines for the design and implementation of network security
ISO/IEC 10116:2017 Information technology — Security techniques — Modes of operation for an n-bit block cipher
ISO/PAS 22399:2007 Societal security - Guideline for incident preparedness and operational continuity management
ISO 16175-1:2010 Information and documentation Principles and functional requirements for records in electronic office environments Part 1: Overview and statement of principles
ISO/IEC 17788:2014 Information technology — Cloud computing — Overview and vocabulary
ISO Guide 73:2009 Risk management — Vocabulary

View more information
US$184.44
Excluding Tax where applicable
USD
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

or

Get in touch with us