Information security management system standards

Abstract

This article presents ISO’s most successful information security standard ISO/IEC 27001 together with the other standards in the family of information security standards – the so- called ISO/IEC 2700x family of information security management system (ISMS) standards and guidelines. We shall take a brief look at the history and progress of these standards, where they originated from and how became the common language of organizations around the world for engaging in business securely. We shall take a tour through the different types of standard at are included in the ISMS family and how the relate and fit together and we will finally conclude with a short presentation of ISMS third party certification. The material used in this article has been derived directly from the many articles and books by Prof. Humphreys on the ISO/IEC 2700x ISMS family and they are implemented and applied in practice in business, commerce and government sectors.