ISO/IEC-27001 › Information technology - Security techniques - Information security management systems - Requirements
Show Complete Document History
The following bibliographic material is provided to assist you with your purchasing decision:
Included in this current edition are the following subparts:
2ND EDITION CORRIGENDUM 1 - Sept. 15, 2014
2ND EDITION CORRIGENDUM 2 - Dec. 1, 2015
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
To find similar documents by classification:
03.100.70 (Management systems Standards included in this sub-group shall also be included in other groups and/or sub-groups according to their subject Including environmental management systems (EMS), road traffic management systems, energy management systems, health care management systems, etc.)
This document comes with our free Notification Service, good for the life of the document.
This document is available in either Paper or PDF format.
Oct. 1, 2013
ISO/IEC JTC 1/SC 27