While not every ISO standard will apply to your organization, it’s helpful to get an overall understanding of ISO 27000 and its core principles, including requirements for building an ISMS. ISO/IEC 27001:2013 is the only standard in the ISO 27000 series that companies can be audited and certified against. The ISO/IEC 27000-series is comprised of 46 individual standards, including ISO 27000 itself. At its core is ISO 27001, which details requirements for implementing an ISMS. This ISMS is designed to mitigate risk across three pillars of information security: people, processes, and technology. The ISO 27000 series of standards is published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission to help organizations improve their information technology security by building a strong information security management system (ISMS).