2018 may only have just begun, but it looks like a big year for information security. With questions being raised about the security of micro-processors, and major cyber security initiatives such as the EU’s General Data Protection Regulation brought into effect this year, a new edition of ISO/IEC 27000 has come at just the right time.
ISO/IEC 27000:2018 provides an overview of information security management systems (ISMS), along with the terms and definitions commonly used in the ISO/IEC 27001 family of ISMS standards. Designed to be applicable to all types and sizes of organization, from multinational businesses to small and medium-sized enterprises, the new version, released in February 2018, is equally valuable to government agencies and not-for-profit organizations.
There are more than a dozen standards in the 27000 family. The recently published ISO/IEC 27000 provides an understanding of how the standards fit together: their scopes, roles, functions and relationship to each other.
The ISO/IEC 27001 community will find this standard useful, since it brings together all the essential terminology used by other standards in the ISO/IEC 27000 family.
ISO/IEC 27000:2018 was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT security techniques, whose secretariat is held by DIN, the ISO member for Germany.