ISO/IEC 27000 Series

This group of standards is known as the ISO/IEC 27000 series. It represents the industry's best practices for managing security controls in a cross-cutting manner in organizations around the world.

ISO/IEC 27000: Overview and vocabulary
ISO/IEC 27001: ISMS requirements
ISO/IEC 27002: Code of practice for information security management
ISO/IEC 27003: Guideline for ISMS implementation
ISO/IEC 27004: Guideline for information security management measurement and metrics framework
ISO/IEC 27005: Guideline for information security risk management
ISO/IEC 27006: Guideline for bodies providing audit and certification of ISMS.
ISO/IEC 27011: Information security management guidelines for telecommunications organizations
ISO/IEC 27031: Guideline for information and communications technology readiness for business continuity
ISO/IEC 27033-1: Guideline for network security
ISO 27799: Guide for information security management in health organizations

The following ISO/IEC standards are in development:


ISO/IEC 27007: Guideline for information security management systems auditing
ISO/IEC 27013: Guideline on the integrated implementation of ISO/IEC 20000-1 and ISO/IEC 27001
ISO/IEC 27014: Guideline for information security governance
ISO/IEC 27015: Information security management guidelines for the finance and insurance sectors.
ISO/IEC 27032: Guideline for cybersecurity
ISO/IEC 27033: Guideline for IT network security, a multipart standard based on ISO/IEC 18028:2006
ISO/IEC 27034: Guideline for application security
ISO/IEC 27035: Guideline for security incident management
ISO/IEC 27036: Guideline for security of outsourcing
ISO/IEC 27037: Guideline for identification, collection, and/or acquisition and preservation of digital evidence.


