ISO/IEC TR 27008:2011
Information technology — Security techniques — Guidelines for auditors on information security controls
ISO/IEC TR 27008:2011 provides guidance on reviewing the implementation and operation of controls, including technical compliance checking of information system controls, in compliance with an organization's established information security standards.
ISO/IEC TR 27008:2011 is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks. It is not intended for management systems audits.
| Get this standard | Prices exclude GST | |
|---|---|---|
| HardCopy |
$152.17 NZD
|
|
| Networkable PDF |
Price varies
|
Keep me up-to-date
Sign up to receive updates when there are changes to this standard
Related Information
Similar Standards
-
AS/NZS ISO/IEC 27001:2023
Information security, cybersecurity and privacy protection – Information security management systems – Requirements
-
AS/NZS ISO/IEC 27001:2023 A1
Information security, cybersecurity and privacy protection - Privacy enhancing data de-identification framework
-
AS/NZS ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
-
AS/NZS ISO/IEC 27011:2025
Information security, cybersecurity and privacy protection – Information security controls based on ISO/IEC 27002 for telecommunications organizations