ISO/IEC 27001 2013 - Information Technology - Security techniques - information security management systems - requirements Standard.
The newest (2013) version of the international standard for information security management systems (ISMSs).
Looking for the 2017 version? Please be aware that the international standard is still the 2013 version. Some suppliers have republished country-specific versions of ISO/IEC 27001 (labelled ISO/IEC 27001:2017), which include additional corrigenda that were released after the 2013 publication date. These corrigenda are freely available from the ISO website for those who purchased the original version. They are also supplied by IT Governance when you purchase this standard.
ISO /IEC 27001:2013 is the new Standard detailing the specifications of an Information Security Management System (ISMS) which your organisation can implement to improve the state of its information security.
ISO/IEC 27001:2013 has been written using Annex SL, which provides a common structure for management system standards. By following this structure, the Standard enables organisations to take an integrated approach to management system implementation, eliminating unnecessary duplicate processes.
ISO/IEC 27001:2013 has been updated to reflect the latest in international best practice for information security, meaning it is the most comprehensive resource for modern information security.
The 2013 version of ISO/IEC 27001 is substantially different to the 2005 iteration.
For further guidance on ISO/IEC 27001:2013 and why you need it, please visit our information pages.
You can also buy this Standard with its companion Standard ISO/IEC 27002:2013 together in one kit here.
Please note: We supply the British and other national adoptions of ISO 27001, which all contain exactly the same content, interchangeably.
Please note that two Technical Corrigenda have been issued since ISO/IEC 27001:2013 was published. These can be downloaded free of charge direct from ISO via the following links: