Norme niza ISO 27000

Detalji

Kreirano Četvrtak, 29 Kolovoz 2013 15:40

Hitovi: 6030

Sustav upravljanja informacijskom sigurnošću (ISMS – Information security management systems) je osmišljen kako bi osigurao odabir odgovarajućih i razmjernih sigurnosnih kontrola koje štite informacijsku imovinu organizacije te osiguravaju povjerenje zainteresiranih strana. Norme niza 27000 sadrže rječnik, zahtjeve i pojašnjenja za uspostavu, primjenu, rad, praćenje rada, preispitivanje, održavanje i poboljšavanje dokumentiranog sustava upravljanja informacijskom sigurnošću, a u kontekstu sveukupnog poslovanja organizacije. Sadrže zahtjeve za primjenu sigurnosnih kontrola, prilagođenih potrebama pojedine organizacije ili nekog njenog organizacijskog dijela.

Popis norma:
ISO/IEC 27000:2012
Information technology — Security techniques — Information security management systems - Overview and vocabulary

ISO/IEC 27001:2005
Information technology - Security techniques - Information security management systems - Requirements

ISO/IEC 27002:2005
Information technology — Security techniques — Code of practice for information security management

ISO/IEC 27003:2010
Information technology - Security techniques - Information security management system implementation guidance

ISO/IEC 27004:2009
Information technology - Security techniques - Information security management - Measurement

ISO/IEC 27005:2011
Information technology - Security techniques - Information security risk management

ISO/IEC 27006:2011
Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems

ISO/IEC 27007:2011
Information technology — Security techniques — Guidelines for information security management systems auditing

ISO/IEC TR 27008:2011
Information technology — Security techniques —  Guidelines for auditors on information security management systems controls

ISO/IEC 27009
Information technology — Security techniques — Application of ISO/IEC 27001 - requirements

ISO/IEC 27010:2012
Information technology — Security techniques — Information security management for inter-sector and inter-organisational communications

ISO/IEC 27011:2008
Information technology — Security techniques — Information security management guidelines for telecommunications organizations based on ISO/IEC 27002

ISO/IEC 27013:2012
Information technology - Security techniques - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

ISO/IEC TR 27015:2012
Information technology — Security techniques — Information security management guidelines for financial services

ISO/IEC TR 27019:2013
Information technology - Security techniques - Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry

Više podataka o normama niza 27000 saznajte na web stranici www.iso27001security.com.