ISO/IEC 27007:2011 Information technology -- Security techniques -- Guidelines for information security management systems auditing

Year: 2011
Tongue: English
Leaves: 34
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

ISO/IEC 27007:2011 provides guidance on managing an information security management system (ISMS) audit programme, on conducting the audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011.

ISO/IEC 27007:2011 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

✦ Table of Contents

ISO_IEC_27007_2011(E)-Character_PDF_document......Page 1
5.1 General......Page 7
5.3.3.1 IS 5.3.3 Determining the extent of the audit programme......Page 8
5.4.2.1 IS 5.4.2 Defining the objectives, scope and criteria for an individual audit......Page 9
5.4.4.1 IS 5.4.4 Selecting the audit team members......Page 10
6.2.3.1 IS 6.2.3 Determining the feasibility of the audit......Page 11
6.4.6 Collecting and verifying information......Page 12
7.2.1 General......Page 13
7.2.3.3.1 IS 7.2.3.3 Discipline and sector specific knowledge and skills of management system auditors......Page 14
7.6 Maintaining and improving auditor competence......Page 15

📜 SIMILAR VOLUMES

ISO/IEC 27006 - Information technology,

📁 ISO/IEC 27006 - Information technology, security techniques, requirements for bodies providing audit and certification of information sercurity management systems

✍ ISO 📂 Library 📅 2007 🏛 ISO/IEC 🌐 English

ISO/IEC 27003:2010, Information technolo

📁 ISO/IEC 27003:2010, Information technology - Security techniques - Information security management system implementation guidance

✍ ISO/IEC/JTC 1/SC 27 📂 Library 📅 2010 🏛 Multiple. Distributed through American National St 🌐 English

ISO/IEC 27003:2010 focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the process of ISMS specification and design from inception to the production of implementation p

[ISO/IEC 27000:2018] Information technol

📁 [ISO/IEC 27000:2018] Information technology — Security techniques — Information security management systems — Overview and vocabulary

✍ ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection 📂 Library 📅 2018 🏛 ISO/IEC 🌐 English

ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, not-

ISO/IEC 27004:2009, Information technolo

📁 ISO/IEC 27004:2009, Information technology - Security techniques - Information security management - Measurement

✍ ISO/IEC/JTC 1/SC 27 📂 Library 📅 2009 🏛 Multiple. Distributed through American National St 🌐 English

ISO/IEC 27004:2009 provides guidance on the development and use of measures and measurement in order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.ISO/IEC 27004:2009 is applicable to all t

BS ISO/IEC 27035:2011 Information techno

📁 BS ISO/IEC 27035:2011 Information technology. Security techniques. Information security incident management

✍ BSi 📂 Library 📅 2011 🏛 BSi 🌐 English

Descriptors: Data processing, Computers, Management, Data security, Data storage protection, Anti-burglar measures, Computer networks, Computer software, Computer hardware, Data transmission, Information exchange, Documents, Records (documents), Classification systems ICS: 35.040 (Character sets

BS ISO IEC 27005:2008 Information techn

📁 BS ISO IEC 27005:2008 Information technology -- Security techniques -- Information security risk management

✍ BSI 📂 Library 🌐 English