What this Standard Covers

This Standard specifies a minimum set of cyber security controls intended for small and medium organizations, which typically have less than 500 employees.

About this Standard

Edition

FIRST

Year Published

2021

Intended for Conformity Assessment?

Yes

Comment on the Latest Draft

Drafts available for public review appear below

Draft number: NONE
Date posted: NONE
Comments due by: NONE

Download This Standard

Our standards are always free for non-commercial use.

Note that all standards published before January 30, 2023 remain valid and designated CIOSC under the authority of the CIO Strategy Council. These standards when updated as new editions will be published by the Digital Governance Standards Institute.

Standard Usage*
- Non-Commercial Use
- Commercial use
Commercial use is for instances where you are planning to: 1. incorporate the standard in whole or in part into products or services; 2. use the standard for commercial gain separate from merely adopting or adhering to the standard; and/or 3. create derivative works from the standard

Contact Information
Thank you for your interest. Please fill out the information below so you can download this standard.
Consent*
CAREFULLY READ THIS LICENSE AGREEMENT BEFORE CONTINUING. IT CONTAINS IMPORTANT INFORMATION ABOUT YOUR RIGHTS AND OBLIGATIONS, AS WELL AS LIMITATIONS AND EXCLUSIONS THAT MAY APPLY TO YOU. THIS AGREEMENT CONTAINS A DISPUTE RESOLUTION CLAUSE. WHEN YOU ORDER OR ACCESS CIOSC STANDARDS BY CLICKING THE “I ACCEPT” BUTTON OR OTHERWISE ACCEPTING THIS AGREEMENT BY ACCESSING OR DOWNLOADING CIOSC STANDARDS, YOU AGREE TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT. IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS, YOU MUST CLICK THE “I DECLINE” BUTTON AND DO NOT ACCESS OR USE THE STANDARDS. View Full Licence Agreement

Please contact us at info@ciostrategycouncil.com for any queries.
I agree to the above
Nom*
First Last
Organization
Email*
Purpose*
Let us know how you intend to use this standard.
Section Break
Phone
This field is for validation purposes and should be left unchanged.

An interpretation has been added to this standard to clarify the meaning of a term used

Download

Current Status

Standard Proposed

In Development

Published

Annual Maintenance

This standard is subject to technical committee review beginning no later than one year from the date of publication. The completion of the review may result in a new edition, revision, reaffirmation or withdrawal of the standard.

Looking for a different standard?

See all standards currently in development or undergoing maintenance in our full Work Program

Work Program

Baseline Cyber Security Controls for Small and Medium Organizations