Thursday, February 28, 2008

"Published" vs. "In Progress" Standards from ISO 27000 family

Take a look at the "published" vs. "in progress" standards in the ISO 27000 family. It's nice to see that new standards will emerge to fill the lack of "industry"-oriented compilations of controls, such as ISO 27799 and ISO 27011.

Published standards:
  • ISO/IEC 27001 - the certification standard against which organizations' ISMS may be certified (published in 2005)
  • ISO/IEC 27002 - the code of practice with good practice advice on ISMS (previously known as ISO 17799 and before that BS 7799 Part 1; last revised in 2005, and renumbered ISO/IEC 27002:2005 in July 2007)
  • ISO/IEC 27006 - a guide to the certification/registration process (published in 2007)

In-progress standards:
  • ISO/IEC 27000 - an introduction and overview for the ISMS Family of Standards, plus a glossary of common terms
  • ISO/IEC 27003 - an ISMS implementation guide
  • ISO/IEC 27004 - a standard for information security management measurements
  • ISO/IEC 27005 - a standard for information security risk management
  • ISO/IEC 27007 - a guideline for auditing ISMSs
  • ISO/IEC 27011 - a guideline for ISMSs in the telecommunications industry
  • ISO/IEC 27799 - guidance on implementing ISO/IEC 27002 in the healthcare industry
