iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO 23799:2024

(Main)

Ships and marine technology — Assessment of onboard cyber safety

Ships and marine technology — Assessment of onboard cyber safety

This document establishes the elements of onboard cyber risk assessment and specifies requirements for the assessment process, assessment preparation, risk identification, risk analysis and risk evaluation. This document applies to the risk assessment of onboard cyber systems based on network technologies which mainly include bridge systems, cargo management systems, propulsion and machinery management and power control systems, access control systems, passenger or visitor servicing and management systems, passenger-facing networks, core infrastructure systems, administrative and crew welfare systems and communication systems.

Titre manque

General Information

Status
Published
Publication Date
25-Jan-2024
ICS
47.020.01 - General standards related to shipbuilding and marine structures
Technical Committee
ISO/TC 8 - Ships and marine technology
Drafting Committee
ISO/TC 8/WG 4 - Maritime security
Current Stage
6060 - International Standard published
Start Date
26-Jan-2024
Due Date
20-Jun-2024
Completion Date
26-Jan-2024
Ref Project

Buy Standard

ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023
PreviousNext
Draft
ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023
English language
18 pages
sale 15% off
Preview
sale 15% off
Preview
REDLINE ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023REDLINE ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023
PreviousNext
Draft
REDLINE ISO/PRF 23799 - Ships and marine technology — Assessment of onboard cyber safety Released:7. 11. 2023
English language
18 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO
STANDARD 23799
First edition
Ships and marine technology —
Assessment of onboard cyber safety
PROOF/ÉPREUVE
Reference number
ISO 23799:2023(E)
© ISO 2023

---------------------- Page: 1 ----------------------
ISO 23799:2023(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2023
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
PROOF/ÉPREUVE © ISO 2023 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 23799:2023(E)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Elements and process of risk assessment . 2
4.1 Relationship of elements . . 2
4.2 Process of risk assessment . 3
5 A s s e s s ment pr ep a r at ion . 5
6 Risk identification .5
6.1 Identification of asset . 5
6.2 Identification of threat . 8
6.3 Identification of vulnerability . 10
6.4 Identification of existing control measures . 11
7 Risk analysis .12
7.1 Risk analysis process .12
7.2 Risk calculation method . .12
7.3 Impact loss of consequences of incident scenarios .12
7.4 Likelihood of incident scenarios . 13
7.5 Risk calculation of onboard cyber security .
...

ISO/DIS 23799: 2023(E)
Style Definition: Heading 2: Tab stops: Not at 0.63 cm
Style Definition: Heading 3: Tab stops: 1.27 cm, List
ISO TC 8/WG 4
tab
Style Definition: Heading 4: Tab stops: 1.9 cm, List tab
Date: 2023-12-2211-07
+ Not at 1.27 cm
Ships and marine technology — Assessment of onboard cyber safety
Style Definition: Heading 5: Tab stops: 1.9 cm, List tab
+ Not at 1.27 cm
Style Definition: Heading 6: Tab stops: 2.54 cm, List
tab + Not at 1.27 cm + 1.9 cm
Style Definition: Heading 8: Font color: Text 1
Style Definition: Heading 9: Font color: Text 1
Style Definition: Default Paragraph Font
Style Definition: List Number 2: Tab stops: Not at 0.7
cm + 1.4 cm + 2.1 cm + 2.8 cm + 3.5 cm + 4.2 cm +
4.9 cm + 5.6 cm + 6.3 cm + 7 cm
Style Definition
...
Style Definition: Caption
Style Definition: Block Text
Style Definition: TOC 3
Style Definition: TOC 2
Style Definition: Subtitle: Font color: Text 1
Style Definition: List
Style Definition: a2: Tab stops: 0.63 cm, List tab
Style Definition: a3: Tab stops: 1.27 cm, List tab
Style Definition: a4: Tab stops: 1.9 cm, List tab
Style Definition: a5: Tab stops: 1.9 cm, List tab
Style Definition: a6: Tab stops: 2.54 cm, List tab
Style Definition: zzCopyright
Style Definition: Figure Title
Style Definition: Annex Figure Title
Style Definition: Annex Table Title
Style Definition: 段
Style Definition: Hashtag1
Style Definition: Intense Quote
Style Definition: Mention1
Style Definition: Quote: Font color: Text 1
Style Definition: Smart Hyperlink1
Style Definition: Subtle Emphasis1: Font color: Text 1
Style Definition: Subtle Reference1: Font color: Text 1
Style Definition: Unresolved Mention1
Style Definition
...
Style Definition
...
Style Definition: ISO_Secret_Observations

---------------------- Page: 1 ----------------------
ISO/DIS 23799:2023(E)
© ISO 2023
Formatted: Default Paragraph Font
Formatted: Indent: Left: 0 cm, Right: 0 cm, Space
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no
Before: 0 pt, No page break before, Adjust space
part of this publication may be reproduced or utilized otherwise in any form or by any means,
between Latin and Asian text, Adjust space between
electronic or mechanical, including photocopying, or posting on the internet or an intranet, without
Asian text and numbers
prior written permission. Permission can be requested from either ISO at the address below or
Formatted: Default Paragraph Font
ISO’sISO's member body in the country of the requester.
ISO copyright officeCopyright Office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Formatted: Indent: Left: 0 cm, First line: 0 cm, Right: 0
cm, Adjust space between Latin and Asian text, Adjust
Phone: + 41 22 749 01 11 space between Asian text and numbers
Email: copyright@iso.org
Email: copyright@iso.org
Website: www.iso.orgwww.iso.org
Formatted: Indent: Left: 0 cm, First line: 0 cm, Right: 0
cm, Adjust space between Latin and Asian text, Adjust
Published in Switzerland. space between Asian text and numbers
ii © ISO 2023 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/DIS 23799:2023(E)
Contents     Page
Foreword . iv
Introduction . v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions. 1
4 Elements and process of risk assessment . 2
5 Assessment preparation . 4
6 Risk identification . 4
7 Risk analysis . 10
8 Risk evaluation . 13
Annex A .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 24438:2023(Main)
Ships and marine technology — Maritime education and training — Maritime career guidance

This document provides a powerful decision-making tool for persons that either have clear professional development goals or uncertainties related to the progression of their career paths, including minimum education and training requirements for many of the maritime-related occupations. It aims to assist candidates to take the necessary steps to meet their goals. This document seeks to assist professionals in (or those who would like to enter) the maritime sector, on board or ashore, in determining their professional goals, establishing how to achieve them through this proactive tool, taking into consideration: — personal circumstances and academic background; — previous work experience, knowledge and skills; — short, medium and long-term ambitions; — changing education and training requirements resulting from continual industry evolution; — current and future job opportunities, — impact of technology, and — shifting personal interests, attitudes, abilities, and goals. This document helps identify many of the potential jobs within the maritime industry, on board and ashore, in order to provide alternative career paths.

  • Standard
    17 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
ISO
ISO 23806:2022(Main)
Ships and marine technology — Cyber safety

This document gives requirements and recommendations for establishing, implementing, maintaining and continually improving a cyber risk assessment system within the context of a company’s security management system (SMS). All the elements for compliance with this document can therefore be traceable within the SMS by direct inclusion or reference.

  • Standard
    6 pages
    English language
    sale 15% off
ISO
ISO 29404:2015(Main)
Ships and marine technology — Offshore wind energy — Supply chain information flow

ISO 29404:2015 specifies content and format of the messages initiating and controlling the physical movement of wind turbine generator (WTG) components from suppliers to the construction site during the construction phase as well as for repair and maintenance purposes. ISO 29404:2015 is applicable to all organizations involved in the production, transportation, storage and installation of WTG parts and related components. This International Standard is not intended to be applied to substations. Messages described in this International Standard covers only the operational aspects of logistics and therefore this International Standard will represent only one aspect of the entire information flow. ISO 29404:2015 does not specify the technical implementation of appropriate IT products. It rather provides an approach based on the EPC Information System (EPCIS) standard and describes the usage of extension mechanisms provided by the EPCIS standard for the exchange of information in the offshore wind supply chain. It aims at standardizing the exchange of essential logistic information. This International Standard specifies elementary informational needs of involved parties in the offshore supply chain and defines mechanisms for the exchange of this information via the EPCIS. Due to the high degree of specialization along different offshore supply chains, partners exchanging information might require mechanisms for personalizing according to their individual demands. The underlying extendable EPCIS concept allows end users and industry consortiums to extend and to refine the information exchange. These extensions might go far beyond the basic information exchange described in this International Standard.

  • Standard
    37 pages
    English language
    sale 15% off
  • Standard
    37 pages
    English language
    sale 15% off
ISO
ISO 30004:2012(Main)
Ships and marine technology — Ship recycling management systems — Guidelines for the implementation of ISO 30000

ISO 30004:2012 provides generic advice on the application of ISO 30000:2009. It explains the underlying principles of ISO 30000 and describes the intent, typical inputs, processes and typical outputs, for each requirement of ISO 30000. This is to aid in the understanding and implementation of ISO 30000. ISO 30004:2012 does not create additional requirements to those specified in ISO 30000, nor does it prescribe mandatory approaches to the implementation of ISO 30000.

  • Standard
    39 pages
    English language
    sale 15% off
  • Standard
    50 pages
    Russian language
    sale 15% off
ISO
ISO 30002:2012(Main)
Ships and marine technology — Ship recycling management systems — Guidelines for selection of ship recyclers (and pro forma contract)

This International Standard provides guidance to shipowners in the selection of a ship recycling facility. In order to ensure as far as possible that vessels are recycled in a safe and environmentally sound manner, shipowners need to consider to which ship recycling facilities they wish to sell their ships, and it is therefore important that ship recycling facilities provide certain objective information to assist in this selection process. Ship recycling facilities that are unwilling to provide this information on request by the shipowner cannot be objectively assessed. Since the shipowner might not be able to verify the information given, it is the sole responsibility of the ship recycling facilities to ensure that such information is correct. However, it is important that shipowners be critical in their consideration of any such information, and aware that some facilities might publish obviously false information or give contradictory data that make it apparent that the information supplied does not reflect reality. In such cases the facilities cannot be objectively assessed. It applies to the process of selecting a ship recycling facility and the use of a pro forma contract. It does not consider other aspects of ship recycling which are covered by other standards of the ISO 30000 series. This International Standard is applicable to shipowners who wish a) to select a ship recycling facility in order to carry out safe and environmentally sound ship recycling, b) to demonstrate conformity with the ISO 30000 series, and c) to ensure themselves that the ship recycling facility chosen is in conformity with the ISO 30000 series. This International Standard does not limit shipowners to selling to or recycling at facilities that have ISO 30000 certification.

  • Standard
    4 pages
    English language
    sale 15% off
  • Standard
    6 pages
    Russian language
    sale 15% off
ISO
ISO 30005:2012(Main)
Ships and marine technology — Ship recycling management systems — Information control for hazardous materials in the manufacturing chain of shipbuilding and ship operations

ISO 30005:2012 provides guidance for the management, communication, and maintenance of information in an effective, standardized, and compatible manner in accordance with the requirements of the Hong Kong International Convention for the Safe and Environmentally Sound Recycling of Ships.

  • Standard
    25 pages
    English language
    sale 15% off
  • Standard
    26 pages
    Russian language
    sale 15% off
ISO
ISO 30006:2010(Main)
Ship recycling management systems — Diagrams to show the location of hazardous materials onboard ships

ISO 30006:2010 provides requirements for diagrams to show the location of hazardous materials onboard ships. Such diagrams help ship recyclers understand an inventory of hazardous materials, a document that is required by the Hong Kong International Convention for the Safe and Environmentally Sound Recycling of Ships, 2009. ISO 30006:2010 is also helpful to any person required to prepare an inventory.

  • Standard
    9 pages
    English language
    sale 15% off
  • Standard
    12 pages
    French language
    sale 15% off
ISO
ISO 30007:2010(Main)
Ships and marine technology — Measures to prevent asbestos emission and exposure during ship recycling

ISO 30007:2010 provides effective methods for minimizing the dangers of asbestos during ship recycling, reducing both the release of asbestos into the environment and worker exposure to asbestos. It helps ship recyclers to fulfil the requirements of The Hong Kong International Convention for the Safe and Environmentally Sound Recycling of Ships, 2009.

  • Standard
    15 pages
    English language
    sale 15% off
  • Standard
    16 pages
    French language
    sale 15% off
  • Standard
    18 pages
    Russian language
    sale 15% off
ISO
ISO 30003:2009(Main)
Ships and marine technology — Ship recycling management systems — Requirements for bodies providing audit and certification of ship recycling management

ISO 30003:2009 contains principles and requirements for bodies providing the audit and certification of ship recycling management systems according to management system standards and standards such as ISO 30000.

  • Standard
    43 pages
    English language
    sale 15% off
ISO
ISO 30000:2009(Main)
Ships and marine technology — Ship recycling management systems — Specifications for management systems for safe and environmentally sound ship recycling facilities

This International Standard specifies requirements for a management system to enable a ship recycling facility to develop and implement procedures, policies and objectives in order to be able to undertake safe and environmentally sound ship recycling operations in accordance with national and international standards. The management system requirements take into account the relevant legal requirements, safety standards and environmental elements that the ship recycling facility needs to identify and comply with in order to carry out safe and environmentally sound ship recycling. This International Standard applies to the entire process: accepting a ship for recycling by the facility; assessing the hazards onboard the ship; identifying and complying with any applicable notification and import requirements for ships to be recycled; carrying out the recycling process in a safe and environmentally sound manner; conducting required training; ensuring the availability of social amenities (e.g. first aid, health checks, food and beverages); storage and processing of materials and wastes from the ship; waste stream and recycling stream management, including contractual agreements; and documentation controls for the process, including any applicable notification of the final disposal of the vessel. This International Standard is applicable to any ship recycling facility that wishes to: establish, implement, maintain and improve a safe and environmentally sound management system for the recycling of ships; assure itself of conformity with its stated safe and environmentally sound management policy; demonstrate conformity with this International Standard by making a self-determination and self-declaration, or seeking confirmation of its conformance by parties having an interest in the facility such as customers, or seeking confirmation of its self-declaration by a party external to the organization, or seeking certification/registration of its management system by an external organization. All the requirements of this International Standard are intended to be incorporated into the management systems of any ship recycling facility. In order to be in compliance with this International Standard, the management systems will address all requirements. A comparison of this International Standard and the planned IMO International Convention for the safe and environmentally sound recycling of ships is given in Annex A.

  • Standard
    16 pages
    English language
    sale 15% off
  • Standard
    18 pages
    French language
    sale 15% off
  • Standard
    18 pages
    Russian language
    sale 15% off