ISO/IEC 27007

From Wikipedia, the free encyclopedia

ISO/IEC 27007 part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series' is an information security standard being currently developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its current title is Information technology -- Security techniques -- Guidelines for Information security management systems auditing.

The purpose of ISO/IEC 27007 is to provide guidance for audit and accredited certification bodies auditing Information Security Management Systems against ISO/IEC 27001. Publication is not expected until 2009.

[edit] See also

• ISO/IEC 27000-series

[edit] External links

• ISO Website