Focus
BS ISO/IEC 27001:2013 Information technology, Security techniques, Information security management systems, Requirements
October 2013
This internationally acclaimed standard for information security management was revised and released on 1 October 2013. Since their conception in the early 1990s, globally recognised standards in information security have grown in rigour and recognition. So have information security threats and the best ways to manage them.
To reflect current best practice, BS ISO/IEC 27001:2013 provides specific recommendations to help you establish your own Information Security Management System (ISMS), monitor its performance and implement improvements where necessary.
The new standard is written using the high level structure that will be common to all new management system standards. This will allow easier integration when implementing more than one management system within your organisation.
BS ISO/IEC 27001:2013 is less prescriptive, allowing greater flexibility on how requirements are satisfied, thereby giving organisations greater freedom to implement requirements in a manner best suited to them.
The document allows you to see where you can simplify your current information security management practices or adopt new practices that are more natural to the needs and culture of your organization. If you are introducing an information security management system for the first time, the new standard ensures you are following today’s best practice from the start.
BS ISO/IEC 27001:2013 requirements can be used to prepare your organisation for third party audits and certification purposes.
Taking into account the experiences of users who have implemented or sought certification to ISO/IEC 27001:2005, the new standard offers a more flexible, streamlined approach intended to ensure more effective risk management.
A number of changes to the security controls listed in Annex A have been made to ensure the standard is current and consistent with the new BS ISO/IEC 27002:2013.
Contents
- Introduction
- 1 Scope
- 2 Normative references
- 3 Terms and definitions
- 4 Context of the organization
- 5 Leadership
- 6 Planning
- 7 Support
- 8 Operation
- 9 Performance evaluation
- 10 Improvement
- Bibliography
More information and order: BS ISO/IEC 27001:2013
OSH UPDATE
If you need further information on occupational safety and health standards, especially in the workplace, then have a look at OSH UPDATE, a unique electronic collection of information sources that includes a database of all the standards produced by the British Standards Institution, collected together in one place: www.oshupdate.com. Available for a 15 day free trial!
More information on all aspects of health and safety at work, not only from Europe but from around the world, can be found by checking out the OSH UPDATE electronic collection of 20 information databases containing over 833,049 full text and bibliographic records that are constantly updated.
Information seekers will find a wealth of authoritative and validated advice from these global sources. Full text documents and references on research results, best practices, case studies, journal articles, reports, advice and guidance, legislation, accidents and incident reports and much more are in OSH UPDATE.
Why not try OSH UPDATE for yourself? Take a 15-day free trial. Why be without quality OSH information?
FIREINF
And if you need information, guidance and advice on all aspects of fire sciences and fire-related topics, then take a free trial of FIREINF (www.fireinf.com), a collection of over 547,702 sources of full text and bibliographic authoritative and validated information.
FIREINF is arguably the world’s biggest collection of fire and fire-related information. See the Interest form: www.sheilapantry.com/interest.html
Contact Sheila Pantry Associates Ltd. for 15 day FREE trials for all services that are very cost-effective and easy to use. Why pay more for information? Go to: www.sheilapantry.com/interest.html