Iso 27000
ISO/IEC 27000
First edition 2009-05-01
Information technology — Security techniques — Information security management systems — Overview and vocabulary
Technologies de l'information — Techniques de sécurité — Systèmes de gestion de la sécurité des informations — Vue d'ensemble et vocabulaire
Reference number ISO/IEC 27000:2009(E)
© ISO/IEC 2009ISO/IEC 27000:2009(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringingAdobe's licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISOmember bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2009 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm,without permission in writing from either ISO at the address below or ISO's member body in the country of the requester. ISO copyright office Case postale 56 • CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyright@iso.org Web www.iso.org Published in Switzerland
ii
© ISO/IEC 2009 – All rights reserved
ISO/IEC 27000:2009(E)
Contents
PageForeword............................................................................................................................................................ iv 0 1 2 3 3.1 3.2 3.3 3.4 3.5 3.6 3.7 4 4.1 4.2 4.3 4.4 4.5 Introduction ........................................................................................................................................... v Scope..................................................................................................................................................... 1 Terms and definitions........................................................................................................................... 1 Information security management systems...................................................................................... 6 Introduction ........................................................................................................................................... 6 What is an ISMS? .................................................................................................................................. 7 Processapproach................................................................................................................................. 8 Why an ISMS is important.................................................................................................................... 9 Establishing, monitoring, maintaining and improving an ISMS .................................................... 10 ISMS critical success factors............................................................................................................ 11 Benefits of the ISMS family of standards ......................................................................................... 11 ISMS family of standards ................................................................................................................... 12 General...
Regístrate para leer el documento completo.