Standard Number:BS EN ISO/IEC 27001:2017
Standard Name:Information technology – Security techniques – Information security management systems – Requirements
Size:2M
Format:PDF
Introduction:1 Scope
BS EN ISO/IEC 27001:2017 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This International Standard also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this International Standard are generic and are intended to be applicable to all organizations, regardless of type, size or nature. Excluding any of the requirements specified in Clauses 4 to 10 is not acceptable when an organization claims conformity to this International Standard.
2 Normative references
The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
ISO/IEC 27000, Information technology –  Security techniques – Information security management systems-Overview and vocabulary.

Share on Facebook

Post on X

Follow us

Save