Most people have come across ISO17799 and ISO27001, the international Information Security Management Standards.
They're now part of a much larger family, of which ISO/IEC 27000 is the root for the whole numbered series of international standards for the management of information security. Developed by a joint committee of the International Standards Organization in Geneva and the International Electrotechnical Commission, these standards now provide a globally recognized framework for good information security management.
The correct designations for most of these standards includes the ISO/IEC prefix and all of them should include a suffix which is their date of publication. Most of these standards, however, tend to be spoken of in shorthand. ISO/IEC 27001:2005, for instance, is often referred to simply as ISO27001.
Some of the standards have already been published, others are still under development. Organizations interested in using or applying these standards should acquire copies, which are available through this site in both hard copy and downloadable formats. Clicking on the highlighted standard number, below, will take you to more information about those standards which have been published, including purchasing options.
No comments:
Post a Comment