BS EN ISO/IEC 27000:2017

What is ISO/IEC 27000 about?

ISO/IEC 27000 provides the overview of information security management systems, and terms and definitions commonly used in the ISMS family of standards.

Who is ISO/IEC 27000 for?

ISO/IEC 27000 on information security management systems is useful for:

• Commercial organizations
• Government agencies
• Not-for-profit organizations

Why should you use ISO/IEC 27000?

International Standards for management systems provide a model to follow in setting up and operating a management system. Through the use of the information security management systems (ISMS) family of standards, organizations can develop and implement a framework for managing the security of their information assets including financial information, intellectual property, and employee details, or information entrusted to them by customers or third parties. These standards can also be used to prepare for an independent assessment of their information security management systems (ISMS) applied to the protection of information.

ISO/IEC 27000 provides an overview of information security management systems and defines related terms.

ISO/IEC 27000:

• define requirements for an ISMS and for those certifying such systems,
• provide direct support, detailed guidance and/or interpretation for the overall process to establish,
• implement, maintain, and improve an ISMS,
• address sector-specific guidelines for ISMS
• address conformity assessment for ISMS