ISMS policies
ISO/IEC 27402

Search this site

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >


ISO/IEC 27402 — Cybersecurity — IoT security and privacy — Device baseline requirements [DRAFT]



This project is documenting basic, commonplace security features expected of IoT devices, enabling the IoT security controls documented in ISO/IEC 27030. A unique (and ideally immutable and verifiable!) device identifier is an example, plus a ‘factory reset’ function. It is anticipated that additional security controls will be required and may be defined in further standards for specific applications (e.g. medical things).

Scope of the standard

The standard is intended to specify a ‘baseline’ or platform for ‘IoT devices’ [things] supporting information security and privacy controls.

Content of the standard



The standard is at 1st Working Draft stage.

Personal notes

Errr, watch this space.

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2020 IsecT Ltd.