ISO/IEC TR 27008:2011
Information technology -- Security techniques -- Guidelines for auditors on information security controls
This standard has been revised by ISO/IEC TS 27008:2019
ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of controls, including technical compliance checking of information system controls, in compliance with an organization's established information security standards.
ISO/IEC TR 27008:2011 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks. It is not intended for management systems audits.
General information
-
Status : WithdrawnPublication date : 2011-10
-
Edition : 1
-
Technical Committee:Information security, cybersecurity and privacy protection
-
- ICS :
-
IT Security
Life cycle
A standard is reviewed every 5 years
Revisions / Corrigenda
-
Now withdrawn
ISO/IEC TR 27008:2011 -
Revised by
ISO/IEC TS 27008:2019
Got a question?
Check out our FAQs
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)
Keep up to date with ISO
Sign up to our newsletter for the latest news, views and product information