ISO/IEC 27000:2009

Information technology - Security techniques - Information security management systems - Overview and vocabulary
ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain: an overview of the ISMS family of standards; an introduction to information security management systems (ISMS); a brief description of the Plan-Do-Check-Act (PDCA) process; and an understanding of terms and definitions in use throughout the ISMS family of standards. The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that: define requirements for an ISMS and for those certifying such systems; provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements; address sector-specific guidelines for ISMS; and address conformity assessment for ISMS.
OEN:
IEC
Langue:
English
Code(s) de l'ICS:
01.040.35; 03.100.70; 35.030
Statut:
Révisé
Date de Publication:
2009-04-29
Numéro Standard:
ISO/IEC 27000:2009