Category Technical Report Organisation International Organization for Standardization (ISO) ID ISO/TR 11633-2:2021 Type Standard Version 2 Access Fees apply to access Status Active Created Feb-21 This document provides a guideline for the implementation of an information-security management system (ISMS) by showing practical examples of risk analysis on remote maintenance services (RMS). It applies to information systems in healthcare facilities (HCFs) provided by vendors of medical devices or health information systems.This guidance aims to protect the information assets on both sides (primarily the information system itself and personal health data) in a safe and efficient way. It covers the application of ISMS to RMS; security management measures for RMS; and gives an example of the evaluation and effectiveness based on the ‘controls’ defined in the ISMS.Main sections:· Scope· Normative references· Terms and definitions· Application of ISMS to remote maintenance services· Security management measures for remote maintenance services· Approving residual risks· Security audit· Annex A: Example of risk assessment in remote maintenance services