From Wikipedia, the free encyclopedia
ISO/IEC 27003 is an information security standard being currently developped by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its current title is Information Technology - Security techniques. Information security management system implementation guidance.
The purpose of ISO/IEC 27003 is to provide help and guidance in implementing an ISMS (Information Security Management System). Publication is not expected until late 2008 or early 2009.
Outline of the Standard
The proposed standard originally contained the following sections:
- 1. Introduction
- 2. Scope
- 3. Terms & Definitions
- 4. CSFs (Critical success factors)
- 5. Guidance on process approach
- 6. Guidance on using PDCA
- 7. Guidance on Plan Process
- 8. Guidance on Do Process
- 9. Guidance on Check Process
- 10. Guidance on Act Process
- 11. Inter-Organization Co-operation
No comments:
Post a Comment