Look beyond ISO 27001 to the rest of the ISO 27000 family!

ISO/IEC 27001 is constantly talked about by information security professionals, but what most don’t realise is that there is a whole host of other standards in the ISO/IEC 27000 family that give guidance on the implementation of an information security management system (ISMS).

For instance, there is:

  • ISO/IEC 27003 that gives guidance on the implementation of an ISMS
  • ISO/IEC 27014 that outlines how to employ effective information security governance
  • ISO/IEC 27019 that makes implementing an ISMS in the utility industry easier.

In short, don’t just stick to the core ISMS standards such as ISO/IEC 27001, ISO/IEC 27002 and ISO/IEC 27005. Take a look at the other standards, which could be more applicable to your ISMS certification project.

The following details all of the available ISMS standards and summarises what their content covers:
