ISO/IEC 27000:2009

Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary

ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:

  1. an overview of the ISMS family of standards;
  2. an introduction to information security management systems (ISMS);
  3. a brief description of the Plan-Do-Check-Act (PDCA) process; and
  4. an understanding of terms and definitions in use throughout the ISMS family of standards.

The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that:

  1. define requirements for an ISMS and for those certifying such systems;
  2. provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
  3. address sector-specific guidelines for ISMS; and
  4. address conformity assessment for ISMS.


Общая информация

  • Текущий статус :  Withdrawn
    Дата публикации : 2009-05
  • Версия : 1
  • :
    ISO/IEC JTC 1/SC 27
    Information security, cybersecurity and privacy protection
  • 01.040.35
    Information technology (Vocabularies)
    03.100.70
    Management systems
    35.030
    IT Security

Жизненны цикл

Стандарт, который пересматривается каждые 5 лет



Изменения / Исправления

  • В настоящее время отменен
    ISO/IEC 27000:2009
  • Пересмотрен
    ISO/IEC 27000:2012

Появились вопросы?

Ознакомьтесь с FAQ

Работа с клиентами
+41 22 749 08 88

Часы работы:
Понедельник – пятница: 09:00-12:00, 14:00-17:00 (UTC+1)

Будьте в курсе актуальных новостей ИСО

Подписывайтесь на наши новости, обзоры, а также на информацию о продуктах

Subscribe