ISO/IEC 27001:2013

Buy this standard

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

General information ^

Status : Published

Publication date : 2013-10
Edition : 2

Number of pages : 23
Technical Committee
:
ISO/IEC JTC 1/SC 27

Information security, cybersecurity and privacy protection
ICS :

03.100.70

Management systems

35.030

IT Security

Buy this standard

	Format	Language
std 1 118	PDF + Color PDF + ePub
std 2 118	PDF + ePub
std 3 142	PDF + ePub + Redline
std 4 118	Paper
std 5 118	PDF

CHF118

Life cycle

A standard is reviewed every 5 years

Revisions / Corrigenda

Previously
ISO/IEC 27001:2005
Now confirmed
ISO/IEC 27001:2013
Corrigenda/Amendments
ISO/IEC 27001:2013/Cor 1:2014
ISO/IEC 27001:2013/Cor 2:2015

News

Shot of an unrecognizable man doing online shopping on his digital tablet and holding his credit card while being seated at a table.

By Clare Naden on 6 August 2019

Tackling privacy information management head on: first International Standard just published

We are more connected than ever, bringing with it the joys, and risks, of our digital world. Cybersecurity is a growing concern, with attacks against business almost doubling over the last few years and is an increasingly significant threat to global stability.

Close up of the hands of a woman typing on a red lit laptop keyboard.

By Clare Naden on 4 February 2019

Stronger data protection with updated guidelines on assessing information security controls

Software attacks, theft of intellectual property or sabotage are just some of the many information security risks that organizations face. And the consequences can be huge. Most organizations have controls in place to protect them, but how can we ensure those controls are enough? The international reference...

By Barnaby Lewis on 10 January 2019

How to tackle today’s IT security risks

Industry experts estimate that annual losses from cybercrime could rise to USD 2 trillion by next year. With countless new targets added every day, especially mobile devices and connected “things”, a joined-up approach is essential.

Fingerprint login access on a smartphone.

By Clare Naden on 13 July 2018

Reducing the risks of information security breaches with ISO/IEC 27005

In our hyper-connected, technology driven world, data breaches and cyber-attacks remain a significant threat to organizations, and a lack of awareness of the risks is often to blame. A newly revised standard will help.

By Barnaby Lewis on 1 March 2018

ISO/IEC 27000 – key International Standard for information security revised

2018 may only have just begun, but it looks like a big year for information security. With questions being raised about the security of micro-processors, and major cyber security initiatives such as the EU’s General Data Protection Regulation brought into effect this year, a new edition of ISO/IEC 27000...

Got a question?

Check out our FAQs

Customer care

+41 22 749 08 88

customerservice@iso.org

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Buy this standard

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

General information ^

Buy this standard

People also bought

ISO/IEC 27000:2018

Information technology

ISO/IEC 27002:2013

Information technology

ISO/IEC 27005:2018

Information technology

Life cycle

Revisions / Corrigenda

Tackling privacy information management head on: first International Standard just published

Stronger data protection with updated guidelines on assessing information security controls

How to tackle today’s IT security risks

Reducing the risks of information security breaches with ISO/IEC 27005

ISO/IEC 27000 – key International Standard for information security revised

ISO/IEC 27001 Information security management

Got a question?

Keep up to date with ISO

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

General information 

Buy this standard

People also bought

Life cycle

Revisions / Corrigenda

This may also interest you

News

Pages

Got a question?

Keep up to date with ISO

General information ^