Tuesday, 3 May 2016

ISO/IEC 27000:2016: Information technology

The recently revised ISO/IEC 27000:2016, Information technology – Security techniques – Information security management systems – Overview and vocabulary, gives a comprehensive view of the information security management systems (ISMS) covered by the ISMS family of standards, and defines the related terms.

All information held and processed by an organization is subject to the risks of attack, error and natural disaster, and other vulnerabilities inherent to its use. Information security is therefore at the heart of an organization’s activities and focuses on information that is considered a valuable “asset” requiring appropriate protection, for example against the loss of availability, confidentiality and integrity.

“Every common language requires a common set of terminology, and this is provided by ISO/IEC 27000,” says Prof. Edward Humphreys, Convenor of working group ISO/IEC JTC 1/SC 27/WG 1 that developed the standard.

For details see: ISO.

Posted by Dr. Tim Sandle