ISO/DIS 34001:2016 en

Security management system - Measures and process control against fraud


About this standard

Status: Draft
Number of pages: 19
Published on: 09-09-2016
Language: English
This document addresses the management of security-related risks to an organization’s tangible assets (human, financial and physical) and intangible assets (information, brand and reputation). It is intended to help an organization assure authenticity, integrity and trust for its products and documents. It addresses risks that can compromise this objective and result in events causing harm to the organization and its stakeholders. These risks include:

a) fraudulent acts;
b) deliberate acts of an adversary or competitor;
c) acts of malicious intent;
d) wilful neglect;
e) unintentional acts impacting assets.

This document specifies requirements for an organization to assess its specific security risks and address risks pertinent to its risk tolerance, in a way that is proactive in preventing acts detrimental to the organization. The security management system described in this document is intended to be an integral part of the organization’s overall management system.

The requirements specified in this document are generic and intended to be applicable to all organizations (or parts thereof), regardless of the type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment, product and service portfolio, risk profile and complexity.

This document specifies requirements for a security management system to enable an organization to establish and implement policies, objectives and programmes. This document applies to security-related risks and impacts of security-related acts that the organization needs to control, influence or reduce. It does not state specific performance criteria.

This document addresses the relevance of risks related to information technology (IT) security but is not intended to give requirements on how to manage IT security, which is addressed in ISO/IEC 27001.

This document is intended to prevent or mitigate harmful attacks on products and documents by human action that is directly contrary to the intentions of the organization producing the product or document.


ICS code: 03.100.01
Dutch title: Beveiligingsmanagementsysteem - Maatregelen en procesbesturing tegen fraude (Security management system - Measures and process control against fraud)
English title: Security and resilience - Security management system for organizations assuring authenticity, integrity and trust for products and documents


