What is the ISO 27000 Family of Standards?
Information security breaches pose a significant threat to modern-day organisations, potentially leading to loss of income, reputational damage, loss of data or more. As modern information sharing and data management have changed, and technological developments create more opportunities for breaches and errors, organisations have become increasingly aware of this issue and dedicated to protecting their systems and information security. One of the ways that organisations can do so is through the implementation of a recognised Information Security Management System (ISMS).
The ISO/IEC 27000 series is a set of best practices that enable organisations to improve their information security within the context of an overall information security management system. This family of standards helps organisations keep information assets secure. The series covers a wide range of published standards, encompassing more than 45 recognised standards.
The ISO/IEC 27000 series is published by the ISO (International Organisation for Standardisation) and the IEC (International Electrotechnical Commission), and the first standard in this series was published in 2000.
Some of the standards within this series:
This standard provides an overview of information security management systems, and terms and definitions commonly used in the ISMS family of standards.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of an organisation.
Supplies a code of practice for information security controls. It has been designed for use with organisations that intend to:
- select controls within the process of implementing an Information Security Management System based on ISO/IEC 27001;
- implement commonly accepted information security controls;
- develop their own information security management guidelines.
One of the more recent additions to the ISO/IEC 27000 family, ISO/IEC 27701 sets out the requirements for organisations implementing a privacy information management system (PIMS).
DQS South Africa is committed to sharing up-to-date, relevant news. For more information about standards or the certification process, please contact DQS.
DQS South Africa is your local business solutions partner, offering solutions that work for your sector. We form part of an international network dedicated to ensuring compliance and business conformity. For any questions about our services or to contact us, please visit dqs.co.za.