New ISO information technology Standards service management systems information security risk manage


14 September 2011

Service management systems – new ISO Standard

Information technology – Service management – Part 1: Service management system requirements ISO/IEC 20000-1:2011 specifies requirements for service providers to plan, establish, implement, operate, monitor, review, maintain, and improve a service management system (SMS). ISO/IEC 20000-1:2011 can also be used by organisations that require a consistent approach by all service providers, including those in a supply chain.

Improved ISO Standard helps organisations to manage information security risks

The revised ISO/IEC 27005:2011 helps IT departments to implement a risk management approach to manage their information security management system (ISMS) risks. Information technology – Security techniques – Information security risk management.

ISO/IEC 27005 helps users to implement ISO/IEC 27001:2005 Information technology – Security techniques – Information security management systems – Requirements, which is based on a risk management approach. Knowledge of the concepts, models, processes, and terminologies in ISO/IEC 27001 and ISO/IEC 27002:2005 Information technology – Security techniques – Code of practice for information security management, is important for a complete understanding of ISO/IEC 27005.

Related Standards

  • AS/NZS ISO/IEC 27001:2006 Information technology – Security techniques – Information security management systems – Requirements. Note: This Standard is Identical to and reproduced from ISO/IEC 27001:2005.
  • AS/NZS ISO/IEC 27002:2006 Information technology – Security techniques – Code of practice for information management
  • AS/NZS ISO 31000:2009 Risk management – Principles and guidelines. Note: This Standard is identical to and reproduced from ISO 31000:2009.
  • ISO/IEC 31010:2010 Risk management – Risk assessment techniques
  • ISO Guide 73:2009 Risk management – Vocabulary

Biometrics – new ISO/IEC Standard ensures security of biometric data online

Biometrics provide a unique link to an individual that is nearly or absolutely impossible to fake and include recognition technologies based on face, iris or palm images, voice patterns, and the like – for example, fingerprint scans used to access a computer, or iris scans to cross border control. Biometrics are increasingly being used to automatically identify individuals and as a reliable way to authenticate online transactions. Information technology – Security techniques – Biometric information protection ISO/IEC 24745:2011is a new Standard to ensure security and privacy when managing and processing biometric information.

Related article

== ENDS==

Media enquiries

Jayne McCullum
Standards New Zealand
(04) 498 3989

About Standards New Zealand

Standards New Zealand is the operating arm of the Standards Council, and part of New Zealand's standards and conformance infrastructure. Standards New Zealand is an autonomous Crown entity responsible for managing the development and distribution of Standards across a range of sectors nationally.

Standards New Zealand is a self-funded, not-for-profit organisation, relying on revenue primarily from contracts with sponsors to develop Standards, and from sales of Standards publications. Our independence helps us facilitate a cross section of stakeholders' contributions to the development of Standards, and ensure that each Standard meets the needs of end users.

Stay in touch

Read Touchstone, Standards New Zealand's free monthly electronic magazine, for the latest Standards news. Subscribe to Touchstone here.

The question is not what you gain from standardisation, it's what you lose without it.