w
41933
ISO/IEC 27000:2009
Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary
ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:
- an overview of the ISMS family of standards;
- an introduction to information security management systems (ISMS);
- a brief description of the Plan-Do-Check-Act (PDCA) process; and
- an understanding of terms and definitions in use throughout the ISMS family of standards.
The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that:
- define requirements for an ISMS and for those certifying such systems;
- provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
- address sector-specific guidelines for ISMS; and
- address conformity assessment for ISMS.
General information
-
Status : WithdrawnPublication date : 2009-05
-
Edition : 1
-
Technical Committee:Information security, cybersecurity and privacy protection
-
- ICS :
-
Information technology (Vocabularies)
-
Management systems
-
IT Security
Life cycle
A standard is reviewed every 5 years
Revisions / Corrigenda
-
Now withdrawn
ISO/IEC 27000:2009 -
Revised by
ISO/IEC 27000:2012
Got a question?
Check out our FAQs
Customer care
+41 22 749 08 88
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information