BS ISO/IEC 27006:2015+A1:2020 Information technology. Security techniques. Requirements for bodies providing audit and certification of information security management systems

Status : Current, Under review   Published : October 2015

What is BS ISO/IEC 27006:2015+A1:2020 about?

This international standard gives additional requirements and guidance to those found in ISO/IEC 17021-1 and ISO/IEC 27001 on how information security management systems (ISMS) should be audited and certified. BS ISO/IEC 27006:2015+A1:2020 amends the 2015 version of the standard.

Who is BS ISO/IEC 27006:2015+A1:2020 for?

  • Bodies providing audit and certification of information security management systems
  • Accreditation bodies

Why should you use BS ISO/IEC 27006:2015+A1:2020?

It sets out criteria for bodies providing audit and certification of information security management systems. If such bodies are to be accredited as complying with ISO/IEC 17021-1 with the objective of auditing and certifying information security management systems (ISMS) in accordance with ISO/IEC 27001:2013, some additional requirements and guidance to ISO/IEC 17021-1 are necessary. These are provided by this international standard.

The requirements it contains need to be demonstrated in terms of competence and reliability by any ISMS certification body. The guidance supplied provides additional interpretation of these requirements.

BS ISO/IEC 27006:2015+A1:2020 can be used as a criteria document for accreditation, peer assessment or other audit processes. However, its primary purpose is to support the accreditation of certification bodies providing ISMS certification.

NOTE: The text follows the structure of ISO/IEC 17021-1 and the additional ISMS-specific requirements and guidance on the application of ISO/IEC 17021-1 for ISMS certification are identified by the letters “IS”.

BS ISO/IEC 27006:2015+A1:2020 contributes to UN Sustainable Development Goal 9 on building resilient infrastructure, promoting inclusive and sustainable industrialization and fostering innovation because its use underpins more widespread information security in support of resilient infrastructures.

What’s new about BS ISO/IEC 27006:2015+A1:2020?

This standard is an amendment of the 2015 version. Changes include those to the clauses on:

  a) Selecting auditors
  b) ISMS certification documents
  c) Initial certification

Changes have also been made in Annex B to:

  a) Audit time concepts
  b) On-site audit time
  c) Multi-site audit time


Standard Number: BS ISO/IEC 27006:2015+A1:2020
Title: Information technology. Security techniques. Requirements for bodies providing audit and certification of information security management systems
Status: Current, Under review
Publication Date: 31 October 2015
Normative References (required to achieve compliance to this standard): IEC 27000, ISO/IEC 17021-1:2015, ISO/IEC 27001:2013
Informative References (provided for information): ISO 9001, ISO 19011, IEC 27007
Replaces: BS ISO/IEC 27006:2011
International Relationships: ISO/IEC 27006:2015/Amd.1:2020
Amended By: Amendment, April 2020
Draft Superseded By: 19/30389892 DC
Descriptors: Computers, Quality auditing, Data processing, Management, Certification bodies, Organizations, Data security, Anti-burglar measures, Technical documents, Records (documents), Certification (approval), Approval organizations, Data storage protection, Personnel, Information exchange
ICS: 03.100.70, 03.120.20, 35.030
Title in French: Technologies de l'information. Techniques de sécurité. Exigences pour les organismes procédant à l'audit et à la certification des systèmes de management de la sécurité de l'information
Committee: IST/33/1
ISBN: 978 0 539 03599 5
Publisher: BSI
Format: A4
Delivery: Yes
Pages: 46
File Size: 2.6 MB
Price: £240.00
