ISO/IEC 27001 is an international standard on how to manage information security. It details requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS).
IEC 62443-2-4 is a standard within the IEC 62443 family of standards. It covers security program requirements for IACS (industrial automation control systems) service providers. It defines a set of security capabilities and covers functional areas such as staffing, assurance, architecture, wireless, configuration management, remote access, event management, accounts, malware protection, patching, backups. Our IEC 62443-2-4 certification scope is the Security Program in Grid Automation in almost 40 countries covering 13 functional areas in the standard.
IEC 62443-4-1 is a standard within the IEC 62443 family of standards. It covers secure product development lifecycle requirements. It covers practices such as Security management of the development process, specification of security requirements, secure by design, secure implementation, verification and validation, managing security issues, updates, guidelines.