ISO/IEC 27001:2013

Buy this standard

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

General information ^

Status : Published

Publication date : 2013-10
Edition : 2

Number of pages : 23
Technical Committee
:
ISO/IEC JTC 1/SC 27

Information security, cybersecurity and privacy protection
ICS :

35.030

IT Security

03.100.70

Management systems

Buy this standard

	Format	Language
std 1 pdf_colorpdf_epub 118	PDF + Color PDF + ePub
std 2 pdf_epub 118	PDF + ePub
std 3 pdf_epub_redline 142	PDF + ePub + Redline
std 4 paper 118	Paper
std 5 pdf 118	PDF

Please note that paper format is currently unavailable.

CHF118

Life cycle

A standard is reviewed every 5 years

Revisions / Corrigenda

Previously
ISO/IEC 27001:2005
Now confirmed
ISO/IEC 27001:2013
Corrigenda/Amendments
ISO/IEC 27001:2013/Cor 1:2014
ISO/IEC 27001:2013/Cor 2:2015

News

High-angle view of two technicians talking in a server room.

27 January 2020

Guidance for information security management systems auditors just updated

Keeping sensitive company information and personal data safe and secure is not only essential for any business but a legal imperative. Many organizations do this with the help of an information security …

Shot of an unrecognizable man doing online shopping on his digital tablet and holding his credit card while being seated at a table.

6 August 2019

Tackling privacy information management head on: first International Standard just published

We are more connected than ever, bringing with it the joys, and risks, of our digital world. Cybersecurity is a growing concern, with attacks against business almost doubling over the last few years and …

Close up of the hands of a woman typing on a red lit laptop keyboard.

4 February 2019

Stronger data protection with updated guidelines on assessing information security controls

Software attacks, theft of intellectual property or sabotage are just some of the many information security risks that organizations face. And the consequences can be huge. Most organizations have controls …

10 January 2019

How to tackle today’s IT security risks

Industry experts estimate that annual losses from cybercrime could rise to USD 2 trillion by next year. With countless new targets added every day, especially mobile devices and connected “things”, a joined-up …

Fingerprint login access on a smartphone.

13 July 2018

Reducing the risks of information security breaches with ISO/IEC 27005

In our hyper-connected, technology driven world, data breaches and cyber-attacks remain a significant threat to organizations, and a lack of awareness of the risks is often to blame. A newly revised standard …

Got a question?

Check out our FAQs

Customer care

+41 22 749 08 88

customerservice@iso.org

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Buy this standard

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

General information ^

Buy this standard

People also bought

ISO/IEC 27000:2018

Information technology

ISO/IEC 27002:2013

Information technology

ISO/IEC 27005:2018

Information technology

Life cycle

Revisions / Corrigenda

Guidance for information security management systems auditors just updated

Tackling privacy information management head on: first International Standard just published

Stronger data protection with updated guidelines on assessing information security controls

How to tackle today’s IT security risks

Reducing the risks of information security breaches with ISO/IEC 27005

ISO/IEC 27001 — Information security management

Got a question?

Keep up to date with ISO

This standard was last reviewed and confirmed in 2019. Therefore this version remains current.

Abstract Preview

General information 

Buy this standard

People also bought

Life cycle

Revisions / Corrigenda

This may also interest you

News

Pages

Got a question?

Keep up to date with ISO

General information ^