Revised ISO/IEC 27000 – Key International Standard for Information Security has been revised

2018 may only have just begun, but it looks like a big year for information security. With questions being raised about the security of micro-processors, and major cyber security initiatives such as the EU’s General Data Protection Regulation brought into effect this year, as well as the POPI Act locally in South Africa, a new edition of ISO/IEC 27000 has come at just the right time.

ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS), and terms and definitions commonly used in the ISMS ISO/IEC 27001 family of standards. Designed to be applicable to all types and size of organization from multinational business to small and medium-sized enterprises, the new version, released in February 2018, is equally valuable to government agencies or not-for-profit organizations.

There are more than a dozen standards in the 27000 family. The recently published ISO/IEC 27000 provides an understanding of how the standards fit together: their scopes, roles, functions and relationship to each other.

The ISO/IEC 27001 community will find this standard useful, since it brings together all the essential terminology used by other standards in the ISO/IEC 27000 family.

ISO/IEC 27000:2018 was developed by joint technical committee ISO/IEC JTC 1, Information technology, subcommittee SC 27, IT security techniques, whose secretariat is held by DIN, the ISO member for Germany. It can be purchased from Crest Advisory Africa.