3. ISO 27001 standard

3.1 Context

A first document, ISO/IEC 17799, published in 2005, dealt with security techniques and provided a code of good practice for information security management. These implementation recommendations are included in the normative Annex A of ISO/IEC 27001. The 2013 version includes a major evolution in requirements. Of particular note are:

Definitions are given in ISO/IEC 27000 ;
two additional requirement chapters: 4 to 10 instead of 4 to 8;
normative Annex A, which adopts a new structure: 14 objective sectors instead of 11, and 114 safety measures instead of 133;
the former informative appendices B and C are deleted.

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!

Ongoing reading
ISO 27001 standard

Previous
page ISO/IEC 27000 series

Declaration of applicability

Article included in this offer

"Software technologies and System architectures"

( 227 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Bibliography

(1) - Sous la direction de PINET (C.) (Groupe des experts qualité du CNAM) - La qualité du logiciel. Retour d'expériences. - AFNOR (1998).
(2) - PINET (C.) - La gestion des services. 10 clés pour passer de l'ITIL ^®...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed? Log in!