ISO/IEC JTC 1/SC 27 N17XXX ISO/IEC JTC 1/SC 27/WG 1 N9XX

Transcription

1 ISO/IEC JTC 1/SC 27/WG 1 N9XX ISO/IEC JTC 1/SC 27 Information technology - Security techniques Secretariat: DIN, Germany Replaces: DOC TYPE:, CRM Resolutions and Acclamations TITLE: Recommendations of the 54 th SC 27 WG 1 Plenary Meeting (for Documents Stages 00 20) and Resolutions of the Comment Resolution Meeting (for Documents Stages 30 60) held in Hamilton, New Zealand, SOURCE: 54 th SC 27/WG 1 Plenary and CRM Meeting DATE: PROJECT: STATUS: This document has been at the 54 th SC 27/WG 1 Plenary Meeting in Hamilton, New Zealand, and is being circulated for information. This document also contains Disapproval Vote Comments (Annex A), Plenary notes (Annex B) ACTION ID: DUE DATE: DISTRIBUTION: MEDIUM: NO. OF PAGES: FYI P, O, L Members L. Rajchel, JTC 1 Secretariat H. Cuschieri, ITTF W. Fumy, SC 27 Chairman M. De Soete, SC 27 Vice-Chair E. Humphreys, T. Chikazawa, M. Bañón, J. Amsenga, K. Rannenberg, WG-Convenors Secretariat ISO/IEC JTC 1/SC 27 DIN Deutsches Institut für Normung e. V., Am DIN-Platz, Burggrafenstr. 6, D [D postal] Berlin, Germany Telephone: ; Facsimile: ; krystyna.passia@din.de

2 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 1: Future Meeting Schedule ISO/IEC JTC 1/SC 27/WG 1 agrees to the following meeting dates. From Until Place Reference Berlin, Germany SC27N Wuhan, China TBC Oslo, Norway TBC Recommendation 2: Future Webex Meeting ISO/IEC JTC 1/SC 27 approves the scheduling of the following Webex Meeting to further study period project development. Project From Until Project Study Period WG 1 Terminology Working Group (TWG) Recommendation 3: Webex Agenda ISO/IEC JTC 1/SC 27/WG 1 instructs the rapporteurs of the Study Period on WG 1 Terminology Working Group (TWG) to create a Webex Meeting Agenda by. Recommendation 4: Call for Webex Participation ISO/IEC JTC 1/SC 27/WG 1 instructs the WG 1 Convenor to issue a call for participation for the future Webex meeting on WG 1 Terminology Working Group (TWG) in alignment with the issuing of the Webex Meeting Agenda. Page 2 of 24

3 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 5: Meeting Reports and Other Documents ISO/IEC JTC 1/SC 27/WG 1 instructs each of its rapporteurs to create the following documents in accordance with the instructions received at the working group meetings and to send these documents to SC 27 WG 1 Vice-Convenor by the dates given below. Doc. Project Title WG1 N912 Study Period Meeting Report Defect report on ISO/IEC 27000:2016 WG1 N913 Study Period Meeting Report Defect report on ISO/IEC 27001:2013 WG1 N930 Study Period Meeting Report Defect report on ISO/IEC 27009:2016 WG1 N914 Study Period Meeting Report Design specification for the revision of ISO/IEC 27002:2013 WG1 N915 Study Period Meeting Report Design specification for the revision of ISO/IEC 27005:2011 WG1 N916 Study Period Meeting Report Design specification for the revision of ITU-T X.1054 ISO/IEC 27014:2011 WG1 N917 Study Period Meeting Report Use case examples for the application of ISO/IEC Documents due by WG1 N918 Study Period Meeting Report Risk Handling Library WG1 N920 Study Period Meeting Report Relationship of ISO/IEC standards to Cybersecurity Frameworks and/or Cybersecurity Programmes WG1 N921 Study Period Meeting Report Design Specification for Guidelines on Cyber Resilience WG1 N921 Study Period Meeting Report Cybersecurity WG1 N922 Study Period Meeting Report Revision of Annex SL WG1 N924 Study Period Meeting Report Use of ISO/IEC family of standards in Governmental / Regulatory requirements WG1 N925 WG 1 SD 7 Text for WG 1 SD 7 Use of ISO/IEC family of standards in Governmental / Regulatory requirements WG1 N926 WG 1 SD 8 Text for WG 1 SD 8 Use case examples for the Page 3 of 24

4 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Doc. Project Title application of ISO/IEC WG1 N927 WG 1 SD27103 Text for WG 1 SD27103 Cybersecurity and ISO and IEC Standards WG1 N923 TWG Meeting Report WG 1 Terminology Working Group (TWG) WG1 N970 TWG Webex Meeting Report on WG 1 Terminology Working Group (TWG) including an Agenda for the WG1 SWG-1 Workshop Documents due by Page 4 of 24

5 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 6: Documents for Information ISO/IEC JTC 1/SC 27/WG 1 requests that the WG1 Vice-Convenor circulate the following documents to experts for information: Doc No. Project Title WG1 N912 Study Period Meeting Report Defect report on ISO/IEC 27000:2016 WG1 N913 Study Period Meeting Report Defect report on ISO/IEC 27001:2013 WG1 N9 Study Period Meeting Report Defect report on ISO/IEC 27009:2016 WG1 N914 Study Period Meeting Report Design specification for the revision of ISO/IEC 27002:2013 WG1 N915 Study Period Meeting Report Design specification for the revision of ISO/IEC 27005:2011 WG1 N916 Study Period Meeting Report Design specification for the revision of ITU-T X.1054 ISO/IEC 27014:2011 WG1 N917 Study Period Meeting Report Use case examples for the application of ISO/IEC WG1 N918 Study Period Meeting Report Risk Handling Library WG1 N920 Study Period Meeting Report Relationship of ISO/IEC standards to Cybersecurity Frameworks and/or Cybersecurity Programmes WG1 N921 Study Period Meeting Report Design Specification for Guidelines on Cyber Resilience WG1 N921 Study Period Meeting Report Cybersecurity WG1 N922 Study Period Meeting Report Revision of Annex SL WG1 N924 Study Period Meeting Report Use of ISO/IEC family of standards in Governmental / Regulatory requirements WG1 N925 WG 1 SD 7 Text for WG 1 SD 7 Use of ISO/IEC family of standards in Governmental / Regulatory requirements WG1 N926 WG 1 SD 8 Text for WG 1 SD 8 Use case examples for the application of ISO/IEC WG1 N927 WG 1 SD27103 Text for WG 1 SD27103 Cybersecurity and ISO and IEC Standards WG1 N923 Study Period Meeting Report WG 1 Terminology Working Group (TWG) Page 5 of 24

6 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Doc No. Project Title WG1 N970 TWG Webex Meeting Report on WG 1 Terminology Working Group (TWG) including an Agenda for the WG1 SWG-1 Workshop Recommendation 7: Extension of Study Periods ISO/IEC JTC 1/SC 27/WG 1 agrees to extend the following Study Periods: Title Time Period Terms of Reference Design specification for the revision of ISO/IEC 27005: Months WG1 N931 Design specification for the revision of ISO/IEC 27002: Months WG1 N932 Risk Handling Library 6 Months WG1 N933 Recommendation 8: Revision of Terms of Reference ISO/IEC JTC 1/SC 27/WG 1 instructs the rapporteurs to revise the terms of reference for the following Study Periods by : Project Title Doc No. Study Period Design specification for the revision of ISO/IEC 27005:2011 WG1 N931 Study Period Design specification for the revision of ISO/IEC 27002:2013 WG1 N932 Study Period Risk Handling Library WG1 N933 Study Period Cybersecurity WG1 N948 Page 6 of 24

7 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 9: Cancellation of Study Periods ISO/IEC JTC 1/SC 27/WG 1 agrees to cancel the following Study Periods: Project Title Justification Study Period Design specification for the revision of ITU-T X.1054 ISO/IEC 27014:2011 WG1 N916 Study Period Use case examples for the application of ISO/IEC WG1 N917 Study Period Relationship of ISO/IEC standards to Cybersecurity Frameworks and/or Cybersecurity Programmes WG1 N920 Study Period Design Specification for Guidelines on Cyber Resilience WG1 N921 Study Period Use of ISO/IEC family of standards in Governmental / Regulatory requirements WG1 N924 Recommendation 10: Appointment of Editor, Co-Editors and Co-Rapporteur ISO/IEC JTC 1/SC 27/WG 1 appoints the following project rapporteurs and co-editors: Name Project Title Role Srinivas Potharaju Benoit Poletti WG 1 SD 7 Use of ISO/IEC family of standards in Governmental / Regulatory requirements Co-Editor Angelika Eksteen Fuki Azetsu WG 1 SD 8 Use case examples for the application of ISO/IEC Co-Editor Laura Lindsay Bridget Kenyon WG 1 SD27103 Relationship of ISO/IEC standards to Cybersecurity Frameworks and/or Cybersecurity Programmes Co-Editor Fredrik Blix Study Period Cybersecurity Co-Rapporteur Adrian Davis Miho Naganuma (27102) Guidelines for cyber insurance Editor Co-Editor Page 7 of 24

8 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 11: Minor Revision of ISO/IEC 27000:2016 ISO/IEC JTC 1/SC 27/WG 1 requests the WG1 Convenor to request the SC27 Secretariat to initiate an early Minor Revision of ISO/IEC 27001:2016 based on the Justification provided in the Meeting Report Revision of Annex SL as contained in WG1 N922. Recommendation 12: Revision of ISO/IEC 27009:2016 ISO/IEC JTC 1/SC 27/WG 1 requests the WG1 Convenor to request the SC27 Secretariat to initiate an early Revision of ISO/IEC 27009:2016 based on the Justification provided in the Meeting Report Defect report on ISO/IEC 27009:2016 as contained in WG1 N930. Recommendation 13: Input Documents for Study period ISO/IEC JTC 1/SC 27/WG 1 instructs David Brewer to prepare two structure option documents for inclusion in the call for contributions (WG1N934) for the Study Period on Draft Design specification for the revision of ISO/IEC 27002:2013 by Recommendation 14: Template for WG 1 SD 7 ISO/IEC JTC 1/SC 27/WG 1 requests the Co-Editors of WG 1 SD 7 to prepare a template for inputs to allow future updates to be applied to WG 1 SD 7 for the Use of ISO/IEC family of standards in Governmental / Regulatory requirements (WG1N925). Page 8 of 24

9 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 15: Input Text Call for Contributions (Study Periods) ISO/IEC JTC 1/SC 27/WG 1 requests Study Period Rapporteurs to provide the WG 1 Vice-Convenor suitable text to request the required contributions from WG 1 Experts prior to. Page 9 of 24

10 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 16: Call for Contributions ISO/IEC JTC 1/SC 27/WG 1 requests that the WG1 Vice-Convenor circulate a call for contributions for the following projects to experts for input. Submissions should be returned prior to the due date. Doc No. Project Title Contributions due by WG1 N934 Study Period Revision of ISO/IEC 27002: WG1 N938 Study Period Revision of ISO/IEC 27005: WG1 N944 Study Period Risk Handling Library WG1 N954 Study Period WG 1 Terminology Working Group (TWG) WG1 N961 Study Period Cybersecurity WG1 N964 WG 1 SD 7 Use of ISO/IEC family of standards in Governmental / Regulatory requirements Page 10 of 24

11 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 17: Study Period Report Requests ISO/IEC JTC 1/SC 27/WG 1 instructs the rapporteurs of the following projects to assess contributions received from experts in accordance with terms of reference and to prepare input documents which are to be sent to the SC 27 WG 1 Vice-Convenor by due date. Doc No. Project Title Due Date WG1 N936 Study Period Revision of ISO/IEC 27002: WG1 N940 Study Period Revision of ISO/IEC 27005: WG1 N946 Study Period Risk Handling Library WG1 N956 Study Period WG 1 Terminology Working Group (TWG) WG1 N963 Study Period Cybersecurity WG1 N966 WG 1 SD 7 Use of ISO/IEC family of standards in Governmental / Regulatory requirements Page 11 of 24

12 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 18: Revised Design Specification and Outline Documents WG 1 approves the revised Design Specification contained below and instructs its Rapporteurs to update the outline document based on this revised Design Specification by the due date. Doc No. Project Title Due Date WG1 N934 Study Period Design specification for the revision of ISO/IEC 27002:2013 WG1 N949 Study Period Risk Handling Library WG1 N938 Study Period Design specification for the revision of ISO/IEC 27005:2011 WG1 N942 Study Period Design specification for the revision of ISO/IEC 27014:2013 Recommendation 19: Input Document on New Work Item Proposal ISO/IEC JTC 1/SC 27/WG 1 instructs the Study Period Rapporteurs on the revision of ISO/IEC to prepare a New Work Item Proposal (SC27 N17214/WG1 N942). Recommendation 20: New Work Item Proposal ISO/IEC JTC 1/SC 27/WG 1 instructs the SC 27 WG 1 Convenor to request the SC 27 Secretariat to initiate a vote on the New Work Item Proposal (SC27 N17214) on the topic of revision ISO/IEC 27014: (1 st Ed.) Information technology Security techniques Governance of information security. Page 12 of 24

13 54 th WG 1 Plenary Meeting in Hamilton, New Zealand, Recommendation 21: Liaison Statements (Cat C) ISO/IEC JTC 1/SC 27/WG 1 approves the preparation of the following liaison statements and requests that the WG 1 Management Team review the text before sending these liaison statements. Input Doc. Output Doc. To Topic WG1 N@ WG1 N968 ISA99 (Joint WG3) ISO/IEC ISO/IEC Page 13 of 24

14 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Comment Resolution Meetings (CRM) Resolutions Page 14 of 24

15 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Resolution 1: Updating of Documents ISO/IEC JTC 1/SC 27 instructs each of its editors to update the following documents and dispositions of comments in accordance with the instructions received at the comment resolution meetings, and to send these documents to the WG 1 Vice-Convenor no later than the dates given below. Doc. Project Title SC27 N (27007) SC27 N (27007) SC27 N (27008) SC27 N (27008) SC27 N (27019) SC27 N (27019) SC27 N (27021) SC27 N (27021) SC27 N (27005) SC27 N17185 (WG1 N970) (27005) SC27 N (27009) WG1 N (27102) Documents due by Disposition of comments on ISO/IEC DIS Revised text of ISO/IEC DIS Guidelines for information security management systems auditing Disposition of comments on ISO/IEC DTR Revised text of ISO/IEC 2 nd PDTS Guidelines for the assessment of information security controls Disposition of comments on ISO/IEC DIS Revised text of ISO/IEC DIS Information security controls for the energy utility industry Disposition of comments on ISO/IEC DIS Revised text of ISO/IEC DIS Competence requirements for information security management systems professionals Disposition of comments on ISO/IEC DCOR Information security risk management Revised Text for ISO/IEC DCOR Information security risk management Disposition of comments on ISO/IEC DCOR Sector-specific application of ISO/IEC Requirements Text for WD ISO/IEC Guidelines for cyber insurance Page 15 of 24

16 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Resolution 2: Meeting Reports and Other Documents ISO/IEC JTC 1/SC 27 instructs each of its Editors to create the following documents in accordance with the instructions received at the Comment Resolution Meetings and to send these documents to SC 27 WG 1 Vice-Convenor by the dates given below. Doc. Project Title SC27N (27009) Justification report Cancellation of ISO/IEC DCOR Sector-specific application of ISO/IEC Requirements Documents due by SC27N (27005) SC27N (27009) SC27N (27102) SC27N (27007) SC27N (27008) SC27N (27019) SC27N (27021) Meeting Report ISO/IEC DCOR Information security risk management Meeting Report ISO/IEC DCOR Sectorspecific application of ISO/IEC Requirements Meeting report ISO/IEC Guidelines for cyber insurance Meeting report ISO/IEC DIS Guidelines for information security management systems auditing Meeting report ISO/IEC 2nd PDTS Guidelines for the assessment of information security controls Meeting report ISO/IEC DIS Information security controls for the energy utility industry Meeting report ISO/IEC DIS Competence requirements for information security management systems professionals Page 16 of 24

17 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Resolution 3: Documents for Information ISO/IEC JTC 1/SC 27 requests its Secretariat to circulate the following documents to National Bodies for information: Doc No. Project Title SC27N (27009) SC27N (27005) SC27N (27009) SC27N (27102) SC27N (27007) SC27N (27008) SC27N (27019) SC27N (27021) Justification report Cancellation of ISO/IEC DCOR Sector-specific application of ISO/IEC Requirements Meeting Report ISO/IEC DCOR Information security risk management Meeting Report ISO/IEC DCOR Sector-specific application of ISO/IEC Requirements Meeting report ISO/IEC Guidelines for cyber insurance Meeting report ISO/IEC DIS Guidelines for information security management systems auditing Meeting report ISO/IEC 2nd PDTS Guidelines for the assessment of information security controls Meeting report ISO/IEC DIS Information security controls for the energy utility industry Meeting report ISO/IEC DIS Competence requirements for information security management systems professionals Resolution 4: Document for Study and Comment ISO/IEC JTC 1/SC 27 requests the WG1 Convenor to circulate the following document to Working Group Experts for study and comment: Doc No. Project Title Comments Due By: SC27N17187 WG1N (27102) Guidelines for cyber insurance Page 17 of 24

18 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Resolution 5: Document for Publication ISO/IEC JTC 1/SC 27 requests its Secretariat to take appropriate action for the publication of the following document: Doc. Project Title SC27 N17185 (WG1 N970) (27005) Revised Text for ISO/IEC COR Information security risk management Resolution 6: Documents for DIS/DAM/DTS/DTR ISO/IEC JTC 1/SC 27 requests its Secretariat to register and circulate the following documents as first DIS/DAM/DTS/DTR for balloting: Doc. Project Title SC27 N (27008) Resolution 7: Documents for FDIS ISO/IEC DTS Guidelines for the assessment of information security controls ISO/IEC JTC 1/SC 27 requests its Secretariat to register and circulate the following documents as final DIS/DAM/DTS/DTR for balloting: Doc. Project Title SC27 N (27007) SC27 N (27019) SC27 N (27021) ISO/IEC FDIS Guidelines for information security management systems auditing ISO/IEC FDIS Information security controls for the energy utility industry ISO/IEC FDIS Competence requirements for information security management systems professionals Resolution 8: Request for DCOR Cancellation ISO/IEC JTC 1/SC 27 requests its Secretariat to appropriate action to cancel the ISO/IEC DCOR project in accordance with the justification report provided in SC27N Page 18 of 24

19 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Resolution 9: Request for Project Time Limit Extension ISO/IEC JTC 1/SC 27 requests its Secretariat to take appropriate action to extend the project deadline for ISO/IEC Resolution 10: SC 27 Liaison Statements ISO/IEC JTC 1/SC 27 approves the preparation of the following liaison statements and requests the WG 1 Management Team review the text before referral to the SC 27 Secretariat to send these liaison statements to the committees concerned. Input Doc. Output Doc. To Topic INTERNAL WITHIN ISO SC27 N17201 ISO/CASCO WG21 ISO/IEC ISO/IEC SC27 N17202 ISO/PC 302 ISO/IEC WG1 N@ SC27 N17203 ISO/TC 292 All Projects INTERNAL WITHIN IEC SC27 N17@ SC 27 N17210 IEC/SC 45A ISO/IEC SC27 N17@ SC 27 N17204 IEC/TC 57/WG 15 ISO/IEC WG1 N@ SC 27 N17205 IEC/TC 65/WG 10 ISO/IEC INTERNAL WITHIN ISO/IEC JTC 1 ISO/IEC WG1 N@ SC 27 N17206 ISO/IEC JTC 1/SC 40 ISO/IEC EXTERNAL (CAT A) SC27 N17207 IAF ISO/IEC WG1 N@ SWG-T CSA ISO/IEC ISO/IEC ISO/IEC SP Cloud Use Cases SC 27 N17208 ISACA ISO/IEC 27002, ISO/IEC 27005, ISO/IEC 27007, ISO/IEC 27008, ISO/IEC 27014, ISO/IEC 27021, SP Cyber Resilience SC27N 17@ (WG1 N@) SWG-T ISC(2) ISO/IEC 27002, ISO/IEC 27005, ISO/IEC Cyber Insurance Page 19 of 24

20 ISO/IEC JTC 1/SC 27 SC 27 CRM (WG 1) Resolutions 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Input Doc. Output Doc. To Topic SWG-T ITU-T SG17 ISO/IEC 27011, ISO/IEC 27009, ISO/IEC EXTERNAL VIENNA AGREEMENT WG1 N@ SC 27 N17209 CEN/TC 428 ISO/IEC WG1 N@ SC 27 N17211 CEN/TC 377 General Page 20 of 24

21 ISO/IEC JTC 1/SC 27 Appreciations 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Appreciations Appreciation A Thanks to the WG 1 Experts, Editors, Rapporteurs and National Body Experts The WG 1 Convenor and WG 1 Vice-Convenor thank all WG 1 experts, national body delegates and editors present in Hamilton, New Zealand for their efforts and continued support in progressing the many SC 27 projects. Acclamation Appreciation B Thanks to the Convenor ISO/IEC JTC 1/SC 27/WG 1 thanks Edward Humphreys for his work as WG 1 Convener. Acclamation Appreciation C Thanks to the Vice-Convenor ISO/IEC JTC 1/SC 27/WG 1 thanks Dale Johnstone and his Mexican oompa loompa for his work as WG 1 Vice-Convener. Acclamation Appreciation D Thanks to the SC 27 Secretariat ISO/IEC JTC 1/SC 27/WG 1 thanks Krystyna Passia for her efficient and unflagging secretarial support during the meeting. It also expresses its appreciation for the superb work she has provided to SC 27 and WG 1 over the past years. Acclamation Appreciation E Thanks to the WG1 Drafting Committee ISO/IEC JTC 1/SC 27/WG 1 expresses its thanks of appreciation to Dale Johnstone, Pablo Corona, Andreas Fuchsberger and David Brewer for assisting the WG 1 Convenor in producing the WG 1 Recommendations and Resolutions. Acclamation Page 21 of 24

22 ISO/IEC JTC 1/SC 27 Appreciations 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Appreciation F Thanks to Defect Report and DCOR Meeting Rapporteurs ISO/IEC JTC 1/SC 27/WG 1 thanks the following Rapporteurs for their contributions to the following meetings: Elzbieta Andrukiewicz Angelika Eksteen Matthieu Grall Elzbieta Andrukiewicz Anders Carlstedt Angelika Eksteen Fuki Azetsu ISO/IEC Defect Report ISO/IEC Defect Report ISO/IEC DCOR ISO/IEC Defect Report ISO/IEC DCOR Acclamation Appreciation G Thanks to the Study Period Meeting Rapporteurs ISO/IEC JTC 1/SC 27/WG 1 thanks the following for their contributions as Rapporteurs to the Study Period. Fredrik Blix Srinivas Potharaju Nadya Bartol Angelika Eksteen Fuki Azetsu Srinivas Potharaju Beniot Poletti Geoff Clarke Bridget Kenyon Miho Naganuma Design Specification for Guidelines on Cyber Resilience Use case examples for the application of ISO/IEC Use of ISO/IEC family of standards in Governmental / Regulatory requirements Design specification for the revision of ITU-T X.1054 ISO/IEC 27014:2011 Acclamation Appreciation H Thanks to Editor and Co-Editors of ISO/IEC ISO/IEC JTC 1/SC 27/WG 1 expresses its thanks of appreciation to Jan Branzell, Raquael Porciuncula and Yukihijo Kitahara for their hard work in progressing the development of ISO/IEC through to its publication. Acclamation Page 22 of 24

23 ISO/IEC JTC 1/SC 27 Appreciations 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Appreciation I Thanks to Editor and Co-Editors of ISO/IEC ISO/IEC JTC 1/SC 27/WG 1 expresses its thanks of appreciation to David Brewer, Nadya Bartol, Richard Wilsher for their hard work in progressing the development of ISO/IEC through to its publication. Acclamation Appreciation J Thanks to Editor and Co-Editor of ISO/IEC ISO/IEC JTC 1/SC 27/WG 1 expresses its thanks of appreciation to Brian O Toole, Miho Naganuma for their hard work in progressing the development of ISO/IEC through to its publication. Acclamation Appreciation K Thanks to the Host and Sponsors ISO/IEC JTC1/SC 27 wishes to thank the following for hosting the very successful meeting Working Group 1 meetings in Hamilton, New Zealand. Hosts: Dr Ryan Ko, The University of Waikato Craig Scoon, The University of Waikato Cloud Security Alliance Standards New Zealand The University of Waikato Tourism New Zealand Major Sponsors: Platinum Sponsor: HDS Gold Sponsor and Gala Dinner Beverage Sponsor: Endace Catering sponsor: STRATUS In addition Meeting Suppliers: Kahurangi Catering, SBI Productions, Novotel Tainui Hamilton, Vidcom, Go Bus, Hobbiton Finally: Cameron Brown and the Ask Me! Team of Students and Lecturers at The University of Waikato ForumPoint2 Conference Partners Team Conference, Security and Logistics Staff at The University of Waikato Acclamation Page 23 of 24

24 ISO/IEC JTC 1/SC 27/WG 1 N9XX ISO/IEC JTC 1/SC 27 Information technology - Security techniques Secretariat: DIN, Germany Replaces: DOC TYPE:, CRM Resolutions and Acclamations TITLE: Recommendations of the 54 th SC 27 WG 1 Plenary Meeting (for Documents Stages 00 20) and Resolutions of the Comment Resolution Meeting (for Documents Stages 30 60) held in Hamilton, New Zealand, SOURCE: 54 th SC 27/WG 1 Plenary and CRM Meeting DATE: PROJECT: STATUS: This document has been at the 54 th SC 27/WG 1 Plenary Meeting in Hamilton, New Zealand, and is being circulated for information. This document also contains Disapproval Vote Comments (Annex A), Plenary notes (Annex B) ACTION ID: DUE DATE: DISTRIBUTION: MEDIUM: NO. OF PAGES: FYI P, O, L Members L. Rajchel, JTC 1 Secretariat H. Cuschieri, ITTF W. Fumy, SC 27 Chairman M. De Soete, SC 27 Vice-Chair E. Humphreys, T. Chikazawa, M. Bañón, J. Amsenga, K. Rannenberg, WG-Convenors Secretariat ISO/IEC JTC 1/SC 27 DIN Deutsches Institut für Normung e. V., Am DIN-Platz, Burggrafenstr. 6, D [D postal] Berlin, Germany Telephone: ; Facsimile: ; krystyna.passia@din.de

25 ISO/IEC JTC 1/SC 27 Annex B 54 th WG 1 Plenary Meeting in Hamilton, New Zealand Page 24 of 24