ISO/IEC 27000
From Wikipedia, the free encyclopedia
ISO/IEC 27000 part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series' is the number reserved for a new international standard, which currently has the provisional title: "Information technology - Security techniques - Information security management systems - Overview and vocabulary". The standard is known informally as "ISO 27000".
The standard is being developed by a sub-committee of the the Joint Technical Committee (JTC1) of the International Organization for Standardization and the International Electrotechnical Commission.
ISO 27000 will provide an overview of standards related to the ISO/IEC 27000 Information Security Management Systems (ISMS) family of standards and provide uniformity and consistency of fundamental terms and definitions (vocabulary) used throughout the ISMS family.
Information security, like many technical subjects, is evolving a complex web of terminology. Relatively few authors take the trouble to define precisely what they mean, an approach which is unacceptable in the standards arena as it potentially leads to confusion and devalues formal assessment and certification. As with ISO 9000 and ISO 14000, the base '000' standard is intended to address this.
[edit] Status
- Current version: not yet published - due in ~2008
- Target audience: users of the remaining ISO/IEC 27000-series information security management standards
[edit] See also
This standards- or measurement-related article is a stub. You can help Wikipedia by expanding it. |