KÜRT – Data Recovery and Information Security

ISO 27000 family of standards

The ISO/IEC 27000 family of standards is based on the BS 7799 standard issued by the British Standard Institute (BSI) in 1999. Following several generations of revision, BS 7799 was incorporated into the series of standards issued by the International Organisation for Standardisation, and the family is now accepted and recognised internationally across the Information Security profession.

The family is composed of the following elements:
ISO/IEC 27001 – requirements standard, for the certification of the Information Security Management System (ISMS) (issued 2005)
ISO/IEC 27002 – revised and renamed version of ISO 17799 Code of Practice 2005 (issued May 2007)
ISO/IEC 27003 – new ISMS Implementation Guidelines
ISO/IEC 27004 – Information Security Measurement and Evaluation Standard
ISO/IEC 27005 – recommended standard for Risk Management Procedures (successor to BS 7799-3:2006)
ISO/IEC 27006 – guidelines for certification procedure (issued March 2007)
ISO/IEC 27007 – guidelines for Information Security Management System (ISMS) auditing
