IS/ISO/IEC 27040 : 2024 Information Technology - Security Techniques - Storage Security
NATIONAL FOREWORD
This Indian Standard (First Revision) which is identical to 'ISO/IEC 27040 : 2024 Information technology - Security techniques - Storage security' issued by the International Organization Standardization (ISO) and International Electrotechnical Commission (IEC) was adopted by the Bureau of Indian Standards (BIS) on the recommendations of the Information Systems Security and Privacy Sectional Committee and approval of the Electronics and Information Technology Division Council.
This standard was first published in 2018 and was identical to ISO/IEC 27040 : 2015. The first revision of this standard has been brought out to align it with the latest version of ISO/IEC 27040 : 2024.
The main changes are as follows:
a) the scope has been expanded to cover requirements;
b) the clause structure has been more closely aligned with ISO/IEC 27002 : 2022;
c) requirements have been added in 7, 9, and 10;
d) adjustments have been made regarding the storage technologies which are covered;
e) a new controls labelling scheme has been added;
f) former Annex A, which provided guidance on sanitizing specific types of media, has been removed and text has been added in 10, recommending IEEE 2883 for this purpose;
g) former Annex B, which included table to help prioritize the adoption of recommendation, has been replaced with Annex A that summarizes the requirements and guidance contained in this document; and
h) former Annex C, which provided tutorial oriented material, has been removed and references to appropriate materials have been added in 10.
The text of ISO/IEC standard has been approved as suitable for publication as an Indian Standard without deviations. Certain conventions and terminologies are, however, not identical to those used in Indian Standards. Attention is particularly drawn to the following:
a) Wherever the words 'International Standard' appear referring to this standard, they should be read as 'Indian Standard'; and
b) Comma (,) has been used as a decimal marker while in Indian Standards, the current practice is to use a point (.) as the decimal marker.