2018 may only have just begun, but it looks like a big year for information security. With questions being raised about the security of micro-processors, and major cyber security initiatives such as the EU’s General Data Protection Regulation brought into effect this year, a new edition of ISO/IEC 27000 has come at just the right time.
ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS), and terms and definitions commonly used in the ISMS ISO/IEC 27001 family of standards. Designed to be applicable to all types and size of organization from multinational business to small and medium-sized enterprises, the new version, released in February 2018, is equally valuable to government agencies or not-for-profit organizations.
There are more than a dozen standards in the 27000 family. The recently published ISO/IEC 27000 provides an understanding of how the standards fit together: their scopes, roles, functions and relationship to each other.
The ISO/IEC 27001 community will find this standard useful, since it brings together all the essential terminology used by other standards in the ISO/IEC 27000 family.
ISO/IEC 27000:2018 was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT security techniques, whose secretariat is held by DIN, the ISO member for Germany. It can be purchased from your national ISO member or through the ISO Store.
- Information technologySecurity techniquesInformation security management systemsOverview and vocabulary
- Information technologySecurity techniquesInformation security management systemsRequirements
- Information technologySecurity techniquesCode of practice for information security controls