ISO 27001
E18752
ISO 27001 is an internationally recognized standard that specifies requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS).
Aliases (3)
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf | ISO/IEC standard; information security standard |
| abbreviation | ISMS standard |
| alignedWith | ISO High Level Structure |
| AnnexABasedOn | ISO/IEC 27002 |
| appliesTo | organizations of all types and sizes |
| basedOnApproach | risk management |
| certificationBy | accredited certification bodies |
| compatibleWith | Plan-Do-Check-Act cycle |
| defines | requirements for continually improving an ISMS; requirements for establishing an ISMS; requirements for implementing an ISMS; requirements for maintaining an ISMS |
| focusesOn | information security management systems |
| fullName | ISO/IEC 27001 |
| geographicalScope | international |
| includes | Annex A controls |
| latestEdition | ISO/IEC 27001:2022 |
| partOfSeries | ISO/IEC 27000 family |
| publishedBy | International Electrotechnical Commission; International Organization for Standardization |
| relatedStandard | ISO/IEC 27000; ISO/IEC 27002; ISO/IEC 27005; ISO/IEC 27017; ISO/IEC 27018 |
| requires | competence and awareness for information security; corrective actions for nonconformities; definition of ISMS scope; documented information for ISMS; information security policy; information security risk assessment; information security risk treatment; internal ISMS audits; management review of the ISMS; monitoring and measurement of ISMS performance; roles and responsibilities for information security |
| revises | ISO/IEC 27001:2013 |
| scopeIncludes | availability of information; confidentiality of information; integrity of information |
| subjectArea | cybersecurity; information security; privacy protection |
| supports | certification of organizations |
| usedFor | demonstrating information security compliance; meeting contractual information security requirements; supporting regulatory and legal compliance |
Referenced by (7)
| Subject (surface form when different) | Predicate |
|---|---|
| ISO 27001 ("ISO/IEC 27001") | fullName |
| International Organization for Standardization | issuesStandard |
| ISO 27001 ("ISO/IEC 27001:2022") | latestEdition |
| Google Cloud | providesCompliance |
| ISO 27001 ("ISO/IEC 27001:2013") | revises |
| ISO/IEC ("ISO/IEC 27001") | standardSeries |
| Microsoft Azure | supportsComplianceStandard |