
ISO Management Standards


ISO/IEC 27000

ISO/IEC 27000 is part of a growing family of ISO/IEC Information Security Management Systems (ISMS) standards, the 'ISO/IEC 27000 series'.

ISO/IEC 27000 is an international standard entitled: Information technology — Security techniques — Information security management systems — Overview and vocabulary. The standard was developed by sub-committee 27 (SC27) of the first Joint Technical Committee (JTC1) of the International Organization for Standardization and the International Electrotechnical Commission. ISO/IEC 27000 provides:

ISO/IEC 27000-series

The ISO/IEC 27000-series (also known as the 'ISMS Family of Standards' or 'ISO27k' for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

The series provides best practice recommendations on information security management, risks and controls within the context of an overall information security management system (ISMS), similar in design to management systems for quality assurance (the ISO 9000 series) and environmental protection (the ISO 14000 series). The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT or technical security issues. It is applicable to organizations of all shapes and sizes. All organizations are encouraged to assess their information security risks, then implement appropriate information security controls according to their needs, using the guidance and suggestions where relevant.

ISO 9000

ISO 9000 is a series of standards, developed and published by the International Organization for Standardization (ISO), that define, establish, and maintain an effective quality assurance system for manufacturing and service industries.[1][2] The standards are available through national standards bodies.

ISO 9000 deals with the fundamentals of quality management systems,[3] including the eight management principles upon which the family of standards is based.[3][4] ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfill.[5] Third-party certification bodies provide independent confirmation that organizations meet the requirements of ISO 9001. Over a million organizations worldwide[6] are independently certified, making ISO 9001 one of the most widely used management tools in the world today.