Digital Marketing Agency
10 ISO Standards
Core Standards
-
ISO 10010 - Services Management
Quality management — Guidance to understand, evaluate and improve organizational quality culture
This document gives guidance on the evaluation, development and improvement of organizational quality culture to help an organization to achieve sustained success. This document takes into account the fundamental concepts and quality management principles, with specific focus on people engagement and leadership.
The recommendations in this document are generic and are intended to be applicable to any organization, regardless of its size, industry, location, maturity or the products and services it provides.
NOTE This document provides example tools for the evaluation of organizational quality culture by self-assessment to determine quality culture maturity and potential for improvement.
-
ISO 31700-1 - Services Management
Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level requirements
This document establishes high-level requirements for privacy by design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer.
This document does not contain specific requirements for the privacy assurances and commitments that organizations can offer consumers, nor does it specify particular methodologies that an organization can adopt to design and implement privacy controls, nor the technology that can be used to operate such controls.
-
ISO 9000 - Services Management
Quality management systems — Fundamentals and vocabulary
ISO 9000:2015 describes the fundamental concepts and principles of quality management which are universally applicable to the following:
- organizations seeking sustained success through the implementation of a quality management system;
- customers seeking confidence in an organization's ability to consistently provide products and services conforming to their requirements;
- organizations seeking confidence in their supply chain that their product and service requirements will be met;
- organizations and interested parties seeking to improve communication through a common understanding of the vocabulary used in quality management;
- organizations performing conformity assessments against the requirements of ISO 9001;
- providers of training, assessment or advice in quality management;
- developers of related standards.
ISO 9000:2015 specifies the terms and definitions that apply to all quality management and quality management system standards developed by ISO/TC 176.
-
ISO 22329 - Services Management
Security and resilience — Emergency management — Guidelines for the use of social media in emergencies
This document gives guidance on the use of social media in emergency management. It gives guidance on how organizations and the public can use, and interact through, social media before, during and after an incident as well as how social media can support the work of emergency services.
This document is applicable to governmental and non-governmental organizations involved in emergency management and crisis communication.
-
ISO 10009 - Services Management
Quality management — Guidance for quality tools and their application
This document gives guidance on the selection and application of tools that can be used in a quality management system to:
a) characterize a process or a variable;
b) facilitate problem solving;
c) highlight areas for improvement;
d) improve effectiveness.
-
ISO/IEC 27036-3 - Information Technology
Cybersecurity — Supplier relationships — Part 3: Guidelines for hardware, software, and services supply chain security
This document provides guidance for product and service acquirers, as well as suppliers of hardware, software and services, regarding:
a) gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered hardware, software, and services supply chains;
b) responding to risks stemming from this physically dispersed and multi-layered hardware, software, and services supply chain that can have an information security impact on the organizations using these products and services;
c) integrating information security processes and practices into the system and software life cycle processes, as described in ISO/IEC/IEEE 15288 and ISO/IEC/IEEE 12207, while supporting information security controls, as described in ISO/IEC 27002.
This document does not include business continuity management/resiliency issues involved with the hardware, software, and services supply chain. ISO/IEC 27031 addresses information and communication technology readiness for business continuity.
-
ISO 10004 - Services Management
Quality management — Customer satisfaction — Guidelines for monitoring and measuring
This document gives guidelines for defining and implementing processes to monitor and measure customer satisfaction.
This document is intended for use by any organization regardless of its type or size, or the products and services it provides. The focus of this document is on customers external to the organization.
NOTE Throughout this document, the terms "product" and "service" refer to the outputs of an organization that are intended for, or required by, a customer.
-
ISO/IEC 27102 - Information Technology
Information security, cybersecurity and privacy protection — Guidelines for applying ISO/IEC 27001 and related standards in support of cyber insurance
This document provides guidelines when considering purchasing cyber-insurance as a risk treatment option to manage the impact of a cyber-incident within the organization’s information security risk management framework, as well as leveraging the organization’s ISMS when sharing relevant data and information with an insurer.
This document gives guidelines for:
a) considering the purchase of cyber insurance as a risk treatment option to share cyber risks;
b) leveraging cyber insurance to assist in managing the impact of a cyber incident;
c) sharing of data and information between the insured and an insurer to support underwriting, monitoring and claims activities associated with a cyber insurance policy;
d) leveraging an ISMS when sharing relevant data and information with an insurer.
This document is applicable to organizations that intend to purchase cyber insurance, regardless of type, size or sector.
-
ISO/IEC 27032 - Information Technology
Cybersecurity — Guidelines for Internet security
This document provides:
— an explanation of the relationship between Internet security, web security, network security and cybersecurity;
— an overview of Internet security;
— identification of interested parties and a description of their roles in Internet security;
— high-level guidance for addressing common Internet security issues.
This document is intended for organizations that use the Internet.
-
ISO/IEC 27001 - Information Technology
Information security, cybersecurity and privacy protection — Information security management systems — Requirements
This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this document are generic and are intended to be applicable to all organizations, regardless of type, size or nature.