Iso-iec logo
Global | All Industries

ISO/IEC 27110

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with an international membership of 163 national standards bodies. The ISO/IEC 27000 family of standards helps organizations keep their information assets secure.

ISO/IEC 27110, “Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines,” specifies that all cybersecurity frameworks should have the following concepts: Identify, Protect, Detect, Respond, Recover. It also outlines the distinction between Information Security and Cybersecurity. These guidelines align with the NIST Cybersecurity Framework (CSF).

  • Identify: The Identify concept addresses people, policies, processes and technology when defining the scope of activities.
  • Protect: The Protect concept can contain many categories and activities related to the safeguarding of assets against intentional or unintentional misuse. 
  • Detect: The Detect concept can include traditional asset monitoring and attack detection.
  • Respond: The Respond concept can include the traditional incident response concepts as well as policies, procedures and plans. 
  • Recover: The activities in the Recover concept define the restoration and communication related activities after a cybersecurity event.

Google's security risk management capabilities are audited as part of ISO/IEC 27001/27002 (Information Security Management), ISO/IEC 27017 (Cloud Security), FedRAMP, and NIST 800-53, which align with the conceptual framework and recommended guidance specified in ISO/IEC 27110 (Identify, Protect, Detect, Respond, Recover).


Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Google Cloud
  • ‪English‬
  • ‪Deutsch‬
  • ‪Español‬
  • ‪Español (Latinoamérica)‬
  • ‪Français‬
  • ‪Indonesia‬
  • ‪Italiano‬
  • ‪Português (Brasil)‬
  • ‪简体中文‬
  • ‪繁體中文‬
  • ‪日本語‬
  • ‪한국어‬
Console
Google Cloud