Datenschutz und Datensicherheit - DuD, Volume 35, Issue 1, pp 7–11

Information security management system standards

  • Edward Humphreys
Focus: Standardization

Abstract

This article presents ISO's most successful information security standard, ISO/IEC 27001, together with the other standards in the family of information security standards: the so-called ISO/IEC 2700x family of information security management system (ISMS) standards and guidelines. We shall take a brief look at the history and progress of these standards, where they originated and how they became the common language of organizations around the world for engaging in business securely. We shall take a tour through the different types of standards that are included in the ISMS family and how they relate and fit together, and we will conclude with a short presentation of ISMS third-party certification. The material used in this article has been derived directly from the many articles and books by Prof. Humphreys on the ISO/IEC 2700x ISMS family and how they are implemented and applied in practice in the business, commerce and government sectors.

Copyright information

© Springer Fachmedien Wiesbaden 2011

Authors and Affiliations

  1. Institute of Technology, Hagenberg University in Upper Austria and Beijing University, Beijing, China
