ISO/IEC 27000

 

Abstract

ISO/IEC 27000:2009 provides an overview of information security management systems, which form the subject of the information security management system (ISMS) family of standards, and defines related terms. As a result of implementing ISO/IEC 27000:2009, all types of organization (e.g. commercial enterprises, government agencies and non-profit organizations) are expected to obtain:

1. an overview of the ISMS family of standards;
2. an introduction to information security management systems (ISMS);
3. a brief description of the Plan-Do-Check-Act (PDCA) process; and
4. an understanding of terms and definitions in use throughout the ISMS family of standards.

The objectives of ISO/IEC 27000:2009 are to provide terms and definitions, and an introduction to the ISMS family of standards that:

1. define requirements for an ISMS and for those certifying such systems;
2. provide direct support, detailed guidance and/or interpretation for the overall Plan-Do-Check-Act (PDCA) processes and requirements;
3. address sector-specific guidelines for ISMS; and
4. address conformity assessment for ISMS. 

ISO 27001 This is the specification for an information security management system (an ISMS) which replaced the old BS7799-2 standard	ISO 27002 This is the 27000 series standard number of what was originally the ISO 17799 standard (which itself was formerly known as BS7799-1)..
ISO 27003 This will be the official number of a new standard intended to offer guidance for the implementation of an ISMS (IS Management System) .	ISO 27004 This standard covers information security system management measurement and metrics, including suggested ISO27002 aligned controls..
ISO 27005 This is the methodology independent ISO standard for information security risk management..	ISO 27006 This standard provides guidelines for the accreditation of organizations offering ISMS certification.

ISO 27000

Source : http://rungga.blogspot.com/2013/03/download-iso-27000.html