Mit dem neuen Standard ISO/IEC TR 27015:2012 (TR: Technical Report) “Information technology – Security techniques – Information security management guidelines for financial services” gibt hat die ISO einen Umsetzungsleitfaden für das ISMS speziell für die Branche der Finanzdienstleister herausgegeben. Der Standard ergänzt ISO/IEC 27002.

“Organisations providing financial services have a different risk profile than those in other sectors and represent natural attack targets. A high level of trust in the protection of financial and customer data is therefore crucial for them. At a time when the financial sector faces unprecedented focus on legislative and regulatory controls, as well as persistent cyber-attacks, ISO/IEC TR 27015:2012 complements ISO/IEC 27002:2005 by providing additional information security guidelines specific to financial services organisations for supporting them in managing their information security risks.” (ISO).

Der Standard kann bei der ISO online bezogen werden.