ISO/IEC 27006:2007

Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems
ISO/IEC 27006:2007 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements contained in ISO/IEC 27006:2007 need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in ISO/IEC 27006:2007 provides additional interpretation of these requirements for any body providing ISMS certification.
OEN:
IEC
Langue:
English
Code(s) de l'ICS:
03.100.70; 35.030
Statut:
Révisé
Date de Publication:
2007-02-12
Numéro Standard:
ISO/IEC 27006:2007