A new edition of the information security standard ISO/IEC 27000:2018 was published in February. It is a helpful overview – particularly for the ISO/IEC 27001 community – that brings together all the essential terminology used by other standards in the ISO/IEC 27000 family.
ISO/IEC 27000:2018 Information technology – Security techniques – Information security management systems – Overview and vocabulary provides:
- the overview of information security management systems (ISMS)
- terms and definitions commonly used in the ISMS family of standards
- an understanding of how the standards in the ISO/IEC 27000 family fit together: their scopes, roles, functions and relationships to each other.
ISO/IEC 27000:2018 applies to all types and sizes of organisation, for example commercial businesses, government agencies, and not-for-profit organisations.
ISO/IEC 27000:2018 was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT security techniques. New Zealand is a participating member on this committee.
Are you prepared for information security breaches? (Touchstone)
Image by Almonroth, CC BY-SA 3.0 (https://creativecommons.org/licenses/by-sa/3.0), from Wikimedia Commons