ISO/IEC 27006
ISO/IEC 27006 is an information security standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is entitled "IT Security techniques: Requirements for bodies providing audit and certification of Information Security Management Systems (ISMS)".
ISO/IEC 27006 offers guidelines for the accreditation of organizations which offer certification and registration with respect to an ISMS. ISO/IEC 27006 effectively replaces EA 7/03 (Guidelines for the Accreditation of bodies operating certification/registration of Information Security Management Systems).
Outline of the Standard
The standard contains the following ten sections:
★ 1: Scope;
★ 2: References;
★ 3: Terms;
★ 4: Principles;
★ 5: General Requirements;
★ 6: Structural Requirements;
★ 7: Resource Requirements;
★ 8: Information Requirements;
★ 9: Precise Requirements;
★ 10: Management System Requirements.
The ISO/IEC 27000 series
ISO/IEC 27006 is part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series'. The others (most of which are in preparation) include:
★ ISO/IEC 27000 - a standard vocabulary for the ISMS standards (in preparation)
★ ISO/IEC 27001 - the certification standard against which organizations' ISMS may be certified (published in 2005)
★ ISO/IEC 27002 - the code of practice for information security management
★ ISO/IEC 27003 - a new ISMS implementation guide (in preparation)
★ ISO/IEC 27004 - a standard for information security measurement and metrics (in preparation)
★ ISO/IEC 27005 - a standard for risk management, potentially related to the current British Standard BS 7799 part 3
★ ISO/IEC 27007 - a guideline for auditing information security management systems (in preparation)
★ ISO/IEC 27799 - guidance on implementing ISO/IEC 27002 in the healthcare industry
External links
★ ISO Website