• Share e-mail print

Ref.: 1223

New ISO/IEC standard gives overview of information security management systems

2009-05-12

With more and more organizations implementing information security management systems (ISMS) as part of their risk management strategy, the publication of a new ISO/IEC standard giving an overview of ISMS is particularly timely.

Information securityISO/IEC 27000:2009, Information technology – Security techniques – Information security management systems – Overview and vocabulary, will assist organizations of all types to understand the fundamentals, principles and concepts to improve protection of their information assets.

Applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, non-profit organizations), ISO/IEC 27000:2009 supplements the ISO/IEC 27000 family of standards by providing an introduction to information security management and defining related terms.

Today, an organization's information assets are dependent upon information and communications technology. The technology assists in facilitating the creation, processing, storing, transmitting, protection and destruction of information.

As the extent of the interconnected global business environment expands, so does the requirement to protect information as it is exposed to a wider variety of threats and vulnerabilities.

Edward Humphreys, convenor of the working group, which developed the standard, comments: "Standardized security techniques are becoming mandatory requirements for e-commerce, health-care, telecoms, automotive and many other application areas in both the commercial and government sectors. ISO/IEC 27000:2009, together with the other ISO/IEC 27000 family of standards, aims to assist organizations more effectively achieve an appropriate level of information security."

ISO/IEC 27000:2009, Information technology – Security techniques – Information security management systems – Overview and vocabulary was developed by Joint Technical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 27, IT Security techniques. It is available from ISO national member institutes (see the complete list with contact details). It may also be obtained directly from the ISO Central Secretariat, price 98 Swiss francs, through the ISO Store or by contacting the Marketing & Communication department (see right-hand column).


Media Contact

Sandrine Tranchard

Sandrine Tranchard
Communication Officer,
Marketing, Communication and Information
Tél.  +41 22 749 03 11
Fax  +41 22 733 34 30
tranchard@iso.org

Sales enquiries:

Mrs. Sonia Rosas Friot
Assistant, Marketing Services
Marketing, Communication and Information
Tel.  +41 22 749 03 36
Fax  +41 22 749 09 47
E-mail  sales@iso.org
 

Related standards

  • ISO/IEC 27000:2009
    Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
  • ISO/IEC 27001:2005
    Information technology -- Security techniques -- Information security management systems -- Requirements
  • ISO/IEC 27005:2008
    Information technology -- Security techniques -- Information security risk management
  • ISO/IEC 27002:2005
    Information technology -- Security techniques -- Code of practice for information security management

Related information

 
The following article has been added to your basket
Continue shopping  Proceed to checkout