Critical and Emerging Technologies
ICT Procurement Standards
Conforming to these key standards can help sellers meet common technical specifications in ICT procurement requirements.
Information Security
ISO 27001 provides guidance for maintaining and implementing an information security management system (ISMS): a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.
Benefits: prevent key cybersecurity risks (ransom, fines, increased insurance premiums, reputational damage or security breaches), with an average cost of $1 million per breach.
Certification: first party (self-declaration), second party or third party (external). Third party certification is often required.
Privacy
AS 27701 provides guidance for implementing and maintaining a Privacy Information Management System (PIMS): a framework for processing and controlling Personally Identifiable Information (PII).
Benefits: allows an organisation to adapt to, and report on, varied international privacy requirements, protect customer data and report to stakeholders.
Certification: first party (self-declaration), second party or third party (external).
Risk Management
ISO 31000 provides principles, a framework and a process for managing risk. It can be used by any organization regardless of its size, activity or sector.
Benefits: can help organisations increase the likelihood of achieving objectives, improve the identification of opportunities and threats, and effectively allocate and use resources for risk treatment.
Certification: first party (self-declaration), second party or third party (external).
Cybersecurity Automation and Control Systems
The ISA/IEC 62443 series addresses cybersecurity for operational technology in automation and control systems.
Benefits: prevent key cybersecurity risks (ransom, fines, increased insurance premiums, reputational damage or security breaches), with an average cost of $1 million per breach.
Certification: first party (self-declaration), second party or third party (external).
Cloud Security
ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services for cloud service providers and customers.
Benefits: build trust in your organisation, create competitive advantage, ensure interoperability and secure cloud data.
Certification: first party (self-declaration), second party or third party (external).
Cybersecurity
ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services for cloud service providers and customers.
Benefits: build trust in your organisation, create competitive advantage, ensure interoperability and secure cloud data.
Certification: first party (self-declaration), second party or third party (external).
For further enquiries, please contact SI@standards.org.au