ISO27001:2013 Now Available!
ISO27001:2013 is the new standard that details the requirements for an information security management system (ISMS).
ISO/IEC 27001 2013 (ISO27001 ISO 27001) ISMS Requirements
There are several updates in the new standard, including:
• Terms and definitions are now referenced from ISO27000:2012 (with the terminology of ISO27000 also being updated)
• Risk assessment requirements are less prescriptive and are now aligned with ISO 31000 – the international standard for risk management.
• The PDCA cycle is no longer mandated as the approach for reviewing and improving an ISMS. You can use the PDCA or any other approach.
• The requirements for management commitment have been overhauled and are largely contained in the Leadership clause
• The requirements for a statement of applicability in the 2013 edition have been enhanced
• The risk treatment process makes it easier to adopt control frameworks other than Annex A
• Annex B has been deleted, and Annex A has also been revised and restructured
Be the first to receive the new ISO27001:2013 standard.
The Code of Practice for Information Security Controls, ISO27002, has also been updated.
ISO/IEC 27002:2013 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization.
Order ISO27002:2013 today >>>