ISO/IEC 27001

IT security now also available in German. So far, the central standard for information security management systems (ISMS), ISO/IEC 27001:2005, has only been available in English. Now the standard is also available as a draft in German with the number DIN ISO/IEC 27001:2007-02. The standard defines the requirements for the implementation, surveillance and maintenance of a documented ISMS, which can be certified according to this standard. The key element is the comprehensive risk management system. The standard additionally specifies the systematic structure of a management system, which focuses on application of a process approach, and establishes the prerequisites for an integrated system: ISO 27001 is structured similarly to ISO 9001 and ISO 14001.