[ISO/IEC 27000:2018] Information technology — Security techniques — Information security management systems — Overview and vocabulary
✍ Author: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
- Publisher: ISO/IEC
- Year: 2018
- Language: English
- Pages: 34
- Series: International Standard
- Edition: 5
- Category: Library
✦ Synopsis
ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, not-for-profit organizations).
The terms and definitions provided in this document:
- cover commonly used terms and definitions in the ISMS family of standards;
- do not cover all terms and definitions applied within the ISMS family of standards; and
- do not limit the ISMS family of standards in defining new terms for use.
✦ Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Information security management systems
4.1 General
4.2 What is an ISMS?
4.2.1 Overview and principles
4.2.2 Information
4.2.3 Information security
4.2.4 Management
4.2.5 Management system
4.3 Process approach
4.4 Why an ISMS is important
4.5 Establishing, monitoring, maintaining and improving an ISMS
4.5.1 Overview
4.5.2 Identifying information security requirements
4.5.3 Assessing information security risks
4.5.4 Treating information security risks
4.5.5 Selecting and implementing controls
4.5.6 Monitor, maintain and improve the effectiveness of the ISMS
4.5.7 Continual improvement
4.6 ISMS critical success factors
4.7 Benefits of the ISMS family of standards
5 ISMS family of standards
5.1 General information
5.2 Standard describing an overview and terminology: ISO/IEC 27000 (this document)
5.3 Standards specifying requirements
5.3.1 ISO/IEC 27001
5.3.2 ISO/IEC 27006
5.3.3 ISO/IEC 27009
5.4 Standards describing general guidelines
5.4.1 ISO/IEC 27002
5.4.2 ISO/IEC 27003
5.4.3 ISO/IEC 27004
5.4.4 ISO/IEC 27005
5.4.5 ISO/IEC 27007
5.4.6 ISO/IEC TR 27008
5.4.7 ISO/IEC 27013
5.4.8 ISO/IEC 27014
5.4.9 ISO/IEC TR 27016
5.4.10 ISO/IEC 27021
5.5 Standards describing sector-specific guidelines
5.5.1 ISO/IEC 27010
5.5.2 ISO/IEC 27011
5.5.3 ISO/IEC 27017
5.5.4 ISO/IEC 27018
5.5.5 ISO/IEC 27019
5.5.6 ISO 27799
Bibliography