ISO/IEC 27006:2007
Information technology -- Security techniques -- Requirements for bodies providing audit and certification of information security management systems
Media and price
| Language | Format | Add to basket |
|---|---|---|
| English | PDF (351 kB) | CHF 136,00 |
| English | Paper | CHF 136,00 |
| Russian | PDF (374 kB) | CHF 136,00 |
| Russian | Paper | CHF 136,00 |
General information
Number of Pages: 36
| Edition: 1 (Monolingual) | ICS: 35.040 |
| Status: Published | Stage: 60.60 (2007-02-13) |
| TC/SC: JTC 1/SC 27 |
Abstract
ISO/IEC 27006:2007 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in ISO/IEC 27006:2007 need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in ISO/IEC 27006:2007 provides additional interpretation of these requirements for any body providing ISMS certification.
These standards could also interest you
-
ISO/IEC 27003:2010
Information technology -- Security techniques -- Information security management system implementation guidance -
ISO/IEC 27033-1:2009
Information technology -- Security techniques -- Network security -- Part 1: Overview and concepts -
ISO/IEC 19792:2009
Information technology -- Security techniques -- Security evaluation of biometrics
News feeds
