NF ISO/IEC 27000

February 2011
Standard Cancelled

Information technology - Security techniques - Information security management systems - Overview and vocabulary

ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:

  1. an overview of the ISMS family of standards;
  2. an introduction to information security management systems (ISMS);
  3. a brief description of the Plan-Do-Check-Act (PDCA) process; and
  4. an understanding of terms and definitions in use throughout the ISMS family of standards.

The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that:

  1. define requirements for an ISMS and for those certifying such systems;
  2. provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
  3. address sector-specific guidelines for ISMS; and
  4. address conformity assessment for ISMS.

Main information

Collections

National standards and national normative documents

Thematics

Quality - audit - lean, Management and performance, QSE

Publication date

February 2011

Number of pages

28 p.

Reference

NF ISO/IEC 27000

ICS Codes

01.040.03   Services. Company organization, management and quality. Administration. Transport. Sociology. (Vocabularies)
01.040.35   Information technology (Vocabularies)
03.100.70   Management systems
35.030   IT Security

Classification index

Z74-220

Print number

1 - 21/01/2011

International kinship

Standard replaced by (1)
NF ISO/IEC 27000
December 2013
Standard Cancelled
Information technology - Security techniques - Information security management systems - Overview and vocabulary

ISO/IEC 27000:2012 describes the overview and the vocabulary of information security management systems, which form the subject of the ISMS family of standards, and defines related terms and definitions. ISO/IEC 27000:2012 is applicable to all types and sizes of organisation (e.g. commercial enterprises, government agencies, not-for-profit organisations).

Table of contents
  • Foreword
  • 0 Introduction
  • 1 Scope
  • 2 Terms and definitions
  • 3 Information security management systems
  • 3.1 Introduction
  • 3.2 What is an ISMS?
  • 3.3 Process approach
  • 3.4 Why an ISMS is important
  • 3.5 Establishing, monitoring, maintaining and improving an ISMS
  • 3.6 ISMS critical success factors
  • 3.7 Benefits of the ISMS family of standards
  • 4 ISMS family of standards
  • 4.1 General information
  • 4.2 Standards describing an overview and terminology
  • 4.3 Standards specifying requirements
  • 4.4 Standards describing general guidelines
  • 4.5 Standards describing sector-specific guidelines
  • Annex A (informative) Verbal forms for the expression of provisions
  • Annex B (informative) Categorized terms
  • Bibliography