The new ISO/IEC 27000 family of standards

ISO/IEC 27000 – Fundamentals and vocabulary – 2007
ISO/IEC 27001 – ISMS – Requirements (revised BS 7799 Part 2:2005) – 2005
ISO/IEC 27002 – Code of practice for information security management (currently ISO/IEC 17799:2005) – 2005
ISO/IEC 27003 – ISMS implementation guidance (under development) – 2008
ISO/IEC 27004 – Information security management measurement (under development) – 2007
ISO/IEC 27005 – Information security risk management (based on and incorporating ISO/IEC 13335 MICTS Part 2) (under development) – 2008
ISO/IEC 27006 – EA 7/03 (Accreditation Guidelines) has been revised and the new version ISO/IEC 27006 to be published in early 2007
ISO/IEC 27007 – Guidelines for information security management systems auditing
ISO/IEC 27008 – a guideline for Information Security Management auditing (focusing on the security controls)
ISO/IEC 27011 – Information security management guidelines for telecommunications organizations based on ISO/IEC 27002
ISO/IEC 27013 – a guideline on the integrated implementation of ISO/IEC 20000-1 and ISO/IEC 27001
ISO/IEC 27014 – an information security governance framework
ISO/IEC 27015 – information security management guidelines for the finance and insurance sectors
ISO/IEC 27031 – a guideline for ICT readiness for business continuity (essentially the ICT continuity component within business continuity management)
ISO/IEC 27032 – a guideline for cybersecurity (essentially, ‘being a good neighbor’ on the Internet)
ISO/IEC 27033 – IT network security, a multi-part standard based on ISO/IEC 18028:2006
ISO/IEC 27034 – a guideline for application security
ISO/IEC 27035 – Information technology — Security techniques — Security incident management (draft)
ISO/IEC 27036 – IT Security — Security techniques — Guidelines for security of outsourcing (draft)
ISO/IEC 27037 – IT Security — Security techniques — Guidelines for identification, collection and/or acquisition and preservation of digital evidence (DRAFT)
ISO 27799:2008 Health informatics — Information security management in health using ISO/IEC 27002

ISO/IEC 27011-27019?: Sector-specific ISMS implementation guidelines
