ISO27001 is a 'specification' for an ISMS (Information Security Management System), officially titled "Information Technology - Security Techniques - Information Security Management Systems - Requirements".
It is the foundation for third-party certification, comprising some 34 pages covering the following:
Introduction
Scope
Terms and Definitions
Normative References
ISMS
Management Responsibility
Management review
ISMS improvement
Like ISO 17799, it was prepared by the Joint Technical Committee ISO/IEC JTC1, IT Sub Committee SC27, IT Security Techniques. It replaces BS7799-2:2002, which is withdrawn on the publication date of ISO 27001 itself.
See also:
ISO 17799 Newsletter and
ISO 27001 Security