
ISO/IEC 27003: Wikis




From Wikipedia, the free encyclopedia

ISO/IEC 27003, part of a growing family of ISO/IEC ISMS standards (the 'ISO/IEC 27000 series'), is an information security standard currently being developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its current title is Information Technology - Security techniques. Information security management system implementation guidance.

The purpose of ISO/IEC 27003 is to provide help and guidance in implementing an ISMS (Information Security Management System).

Outline of the Standard

The Final Committee Draft of this standard contains the following sections:

  • 1. Introduction
  • 2. Scope
  • 3. Terms & Definitions
  • 4. Structure of this Standard
  • 5. Obtaining Management Approval for Initiating the Project to Implement an ISMS
  • 6. Defining ISMS Scope and ISMS Policy
  • 7. Conducting Organization Analysis
  • 8. Conducting Risk Assessment and Risk Treatment Planning
  • 9. Designing the ISMS

The standard is expected to be published during 2009.
