ISO/IEC 27006:2007
Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
OVERVIEW
ISO/IEC 27006:2007 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in ISO/IEC 27006:2007 need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in ISO/IEC 27006:2007 provides additional interpretation of these requirements for any body providing ISMS certification.
COMMENTS
-
PRODUCT DETAILS
Status | Withdrawn - 16 Jul 2024 |
---|---|
Edition | 2007 |
No. of Pages | 36 |
ICS Classification | 03.100.70 Management systems 35.030 IT Security |
Committee | ISO/IEC JTC 1/SC 27 |
Available for Purchase | For sale in Singapore only |
Adoption | ISO |