BITIL.COM - ISO/IEC 27000 ®

EXIN-accredited - BITIL.COM is an ITIL® Foundation Training Institute & Authorized Examination Center

itSMF UK Member - BITIL.COM is official member of the english chapter since 2005. The founder is a member since 2003

eShop - select the best books on the market, book your exams or register for our Training courses

ISO 27000®

Series ISO / IEC 27000 (also known as "ISMS Family of Standards" or "ISO27k") includes standards for the security of the information published jointly by the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC).

The series provides the best (best practice) recommendations on the management of information security, risks and controls within a Safety Management System Information [Information Security Management Systems (ISMS)], in the same way as for quality management systems supported by the ISO 9000 or for environmental protection, which refers to the ISO 14000 series.

The series is intentionally broad, covering not only aspects of privacy, but also issues of confidentiality and security technology or IT. It’s applicable to organizations of any size or structure, which are encouraged to assess their security risks, and implement the appropriate security controls that can meet their needs through the use of guidelines and recommendations where appropriate. Given the dynamic nature of information security, the concept of ISMS incorporates continuous improvement activities, summarized the approach of the Deming Cycle "plan-do-check-act", which addresses the changes in threats, vulnerabilities and impacts of incidents security for the information.

Currently they have been issued the following four (4) standard of the series, while others are still under development:

ISO / IEC 27001 - standard for the definition, implementation, monitoring and improvement of 'Information Security Management System (based on British Standard BS 7799 Part 2, before the publication of ISO / IEC 2005)
ISO / IEC 27002 - code of practice provides guidance on ISMS (previously known as ISO 17799 is also based on British Standard BS 7799 Part 1, last revised in 2005 and renumbered ISO / IEC 27002:2005 in July 2007.
ISO / IEC 27005 - developed to support the implementation of information security based on an approach to risk management (risk management) published in 2008.
ISO / IEC 27006 - a guide to the process of certification / registration (published in 2007).