ISO/IEC 27000:2009

Information technology — Security techniques — Information security management systems — Overview and vocabulary

Standard Details

ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of StandardDetails, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:

an overview of the ISMS family of StandardDetails;
an introduction to information security management systems (ISMS);
a brief description of the Plan-Do-Check-Act (PDCA) process; and
an understanding of terms and definitions in use throughout the ISMS family of StandardDetails.

The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of StandardDetails that:

define requirements for an ISMS and for those certifying such systems;
provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
address sector-specific guidelines for ISMS; and
address conformity assessment for ISMS.

General Information

Status : WITHDRAWN

Standard Type: Main

Document No: ISO/IEC 27000:2009

Document Year: 2009

Pages: 19

Edition: 1

Section Volume:
ISO/IEC JTC 1/SC 27. IT Security techniques

ICS:
01.040.35 Information technology. Office machines
03.100.70 Management systems *Standards included in this sub-group shall also be included in other groups and/or sub-groups according to their subject *Including environmental management systems (EMS), road traffic management systems, energy management systems, hea
35.030 IT Security *Including encryption

Preview Document