This International Standard ISO 27000 provides an overview of information security management systems, which form the subject of the ISMS family of standards, and defines related terms.
NOTE: Annex A provides clarification on how verbal forms are used to express requirements and/or guidance in the ISMS family of standards.
The ISMS family of standards includes standards that:
a) define requirements for an ISMS and for those certifying such systems;
b) provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
c) address sector-specific guidelines for ISMS; and
d) address conformity assessment for ISMS.
The terms and definitions provided in this International Standard:
a) cover commonly used terms and definitions in the ISMS family of standards;
b) will not cover all terms and definitions applied within the ISMS family of standards; and
c) do not limit the ISMS family of standards in defining terms for own use.
Standards addressing only the implementation of controls, as opposed to addressing all controls, from ISO/IEC 27002 are excluded from the ISMS family of standards.
To reflect the changing status of the ISMS family of standards, this International Standard is expected to be continually updated on a more frequent basis than would normally be the case for other ISO/IEC standards.
To download the file "ISO / IEC 27000 : 2009 (E)", registration and subsequent login are required.