Audit Information systems & IT Security
Audit Information systems & IT Security
Menu

: Home

: Terminology

: Best Practice
: : COBIT
: : ISO 27002 (ISO 17799)
: : ISO 27001
: : ISO 27000 Series
: : ISO 20000 - ITIL
: : COSO
: : Info Security Policy
: : Security Domains

: SOX

: Links
: : Organisations
: : Standards Orgs
: : Audit Links
: : Security Links

: The News Page

: Your IP Address

: Contact
: Legal Disclaimer
Search







Audit Information systems & and IT Security

Information System audit and IT Security

ISO 27000 - Series

This series will comprise an entire series of information security related standards. ISO-27001, ISO-27002 and ISO-27006 are completed and planned are ISO-27000, ISO-27003, ISO-27004 and ISO-27005.

Specifically, these are expected to cover the following topics:

ISI 27000 - Information security management systems - Overview and vocabulary (not yet published).

ISO 27001 - Information security management systems -- Requirements (This is the revision of BS 7799 Part 2)

ISO 27002 - Code of practice for information security management (Used to be numbered ISO 17799).

ISO 27003 - Will probably comprise Implementation Guidance

ISO 27004 - Is earmarked for Metrics and Measurement

ISO 27005 - Will be dedicated to Risk Management.

ISO 27006 - Requirements for bodies providing audit and certification of information security management systems.

The timeframe for these developments is long term and undefined.

Obtaining ISO-27000

The ISO 27000 - series is published by ISO. The standards are not free, they have to be purchased. The ISO-17799 standard can be downloaded as part of the ISO-17799 Toolkit stand alone from the ISO17799 Shop, or from ISO.

ISO-27000 Links

The ISO-17799 forum page contains much useful information about the standards.


 



   
Auditing Security and IT Systems
Copyright 2006-2008. All Rights Reserved. Something missing on this page? Let us know