
Information security management system standards

  • Focus
  • Standardization

Datenschutz und Datensicherheit - DuD

Abstract

This article presents ISO’s most successful information security standard, ISO/IEC 27001, together with the other standards in the family of information security standards, the so-called ISO/IEC 2700x family of information security management system (ISMS) standards and guidelines. We shall take a brief look at the history and progress of these standards, where they originated and how they became the common language of organizations around the world for engaging in business securely. We shall take a tour through the different types of standards that are included in the ISMS family and how they relate and fit together, and we will conclude with a short presentation of ISMS third-party certification. The material used in this article has been derived directly from the many articles and books by Prof. Humphreys on the ISO/IEC 2700x ISMS family and how they are implemented and applied in practice in business, commerce and government sectors.


Bibliography

  1. Humphreys, Edward (2008), Implementing the ISO/IEC 27001 Information Security Management System Standard (Information Security and Privacy Series), Pub. Artech House

  2. Humphreys, Edward (2010), Information Security Risk Management — Handbook for ISO/IEC 27001, Pub. BSI British Standards Institution

  3. Butler-Stewart, James (2009), Father of ISMS Standards (BS 7799-1 | ISO/IEC 27002 & BS 7799-2 | ISO/IEC 27001), Pub. Infosec Publications, Australia, India and USA

  4. Humphreys, Edward (2010), ISO/IEC 27001 Information Security Management Systems — An easy-to-use ISO/IEC 27001 guide for the small business, Pub. ISO

  5. Humphreys, Edward and Plate Angelika (2005), Are you ready for an ISMS Audit based on ISO/IEC 27001? Pub. BSI British Standards Institution

  6. Humphreys, Edward and Plate Angelika (2005), Guidelines on Requirements and Preparation for ISMS Certification Based on ISO/IEC 27001, Pub. BSI British Standards Institution

  7. Humphreys, Edward (2009), Implementation of ISO/IEC 27001, Pub. MIQA, London

  8. Humphreys, Edward and Plate Angelika (2010), ROSI and ISO/IEC 27001, Pub. Risk Publications Associates, LA, USA

  9. Humphreys, Edward and Plate Angelika (2008), Pub. BSI British Standards Institution

  10. Humphreys, Edward and Plate Angelika (2007), ISMS Metrics, Pub. MIQA, London

  11. Humphreys, Edward and Plate Angelika (2006), Measuring the Effectiveness of your ISMS implementation based on ISO/IEC 27001, Pub. BSI British Standards Institution

Author information

Correspondence to Edward Humphreys.

Additional information

Prof. Edward Humphreys is the convenor of ISO/IEC JTC 1/SC27/WG1, the working group responsible for the development and maintenance of the ISMS family of standards.

About this article

Cite this article

Humphreys, E. Information security management system standards. DuD 35, 7–11 (2011). https://doi.org/10.1007/s11623-011-0004-3
