In addition to the development of ISO/IEC 27001, ISO/IEC JTC1 SC 27 is working on several other standards that will all be included in the 27000 series of standards - in analogy to the other management system standards, such as ISO 9000. The standards in the 27000 series are:
· ISO/IEC 27000: Information security management system fundamentals and vocabulary
· ISO/IEC 27001: Information security management system - Requirements
· ISO/IEC 27002: Code of practice for Information Security Management
· ISO/IEC 27003: Information security management system implementation guidance
· ISO/IEC 27004: Information security management measurement
· ISO/IEC 27005: Information security risk management
· ISO/IEC 27006: Requirements for bodies providing audit and certification of information security management systems
No comments:
Post a Comment