Customer Service:
Mon - Fri: 8:30 am - 6 pm EST

 Most recent

INCITS/ISO/IEC 27001:2005[R2011]

Information technology - Security techniques - Information security management systems - Requirements

This International Standard covers all types of organizations (e.g. commercial enterprises, government agencies, non-profit organizations). This International Standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization╞s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.
The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.
NOTE 1: References to µbusiness╞ in this International Standard should be interpreted broadly to mean those activities that are core to the purposes for the organization╞s existence.
NOTE 2: ISO/IEC 17799 provides implementation guidance that can be used when designing controls.

Content Provider
InterNational Committee for Information Technology Standards [incits]

Others Also Bought

ISO/IEC TR 20000-11:2015
Information technology - Service management - Part 11: Guidance on the relationship between ISO/IEC 20000-1:2011 ...
ISO 9001:2008
Quality management systems -- Requirements
ISO/IEC 27002:2013
Information technology - Security techniques - Code of practice for information security controls

As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.