DIN Standards Committee Information Technology and IT Applications
DIN ISO/IEC 27001
Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 + Cor. 1:2014)
Informationstechnik - IT-Sicherheitsverfahren - Informationssicherheits-Managementsysteme - Anforderungen (ISO/IEC 27001:2013 + Cor. 1:2014)
Overview
This standard is applicable to all types of organization (for example trading companies, government bodies, non-profit societies). It specifies the requirements for the establishment, implementation, operation, supervision, assessment, maintenance and improvement of a documented information security management system in the context of the general business risks of an organization. It also specifies the requirements for the introduction of security checks tailored to the needs of an organization or parts thereof. The information security management system is designed to ensure the selection of sufficient and appropriate security checks which safeguard information assets and give interested parties confidence.
Responsible national committee
NA 043-04-27-01 AK - Requirements, services and principles for IT Security management systems
Responsible international committee
ISO/IEC JTC 1/SC 27/WG 1 - Information security management systems