{"id":4610,"date":"2014-01-20T22:32:33","date_gmt":"2014-01-20T22:32:33","guid":{"rendered":"https:\/\/multiacademstg.wpengine.com\/27001academy\/blog\/014\/01\/20\/iso-27000-series-what-to-expect-in-2014\/"},"modified":"2024-12-21T16:02:53","modified_gmt":"2024-12-21T16:02:53","slug":"iso-27000-series-what-to-expect-in-2014","status":"publish","type":"post","link":"https:\/\/advisera.com\/27001academy\/blog\/2014\/01\/20\/iso-27000-series-what-to-expect-in-2014\/","title":{"rendered":"What is the ISO 27000 series?"},"content":{"rendered":"<p><em>Updated: November 16, 2023. <\/em><\/p>\n<p>If you are working as an ISO 27001 consultant or practitioner, you are probably heavily dependent on the ISO\/IEC 27000-series of standards. Since there are quite a lot of them (<a href=\"https:\/\/iso27001security.com\/html\/iso27000.html\" target=\"_blank\" rel=\"noopener\">see the list here<\/a>), it is a good idea to keep an eye on the most commonly used ones. So, let\u2019s see what ISO 27000 is, and what the other standards in the ISO\/IEC 27K series are.<\/p>\n<div class=\"post-featured\">\n<div class=\"post-featured--content\">\n<p>The most popular standards from the ISO27k series are ISO 27000, ISO 27001, ISO 27002, ISO 27004, ISO 27005, ISO 27017, ISO 27018, and ISO 27701.<\/p>\n<\/div>\n<\/div>\n<p><strong>ISO\/IEC 27000<\/strong> \u2013 This standard gives an overview of information security management, as well as the vocabulary (explanation of main terms) for information security. ISO 27000 certification is not possible.<\/p>\n<p><strong>ISO\/IEC 27001<\/strong> \u2013 This standard gives the framework for the definition, implementation, operation, control, and improvement of an Information Security Management System. 
The ISO 27001 framework is what makes this standard certifiable.<\/p>\n<p><strong>ISO\/IEC 27002<\/strong> \u2013 This standard provides guidelines and recommendations for the implementation of controls from Annex A of ISO 27001.<\/p>\n<p><strong><a href=\"https:\/\/advisera.com\/27001academy\/blog\/2012\/04\/10\/iso-27001-control-objectives-why-are-they-important\/\" target=\"_blank\" rel=\"noopener\">ISO\/IEC 27004<\/a><\/strong>\u00a0\u2013 This is the standard that defines how to measure information security.<\/p>\n<p><strong><a href=\"https:\/\/advisera.com\/27001academy\/iso-27001-risk-assessment-treatment-management\/\" target=\"_blank\" rel=\"noopener\">ISO\/IEC 27005<\/a><\/strong>\u00a0\u2013 This standard describes information security risk management.<\/p>\n<p><strong>ISO\/IEC 27011<\/strong> is the standard that provides guidelines for information security management in telecoms.<\/p>\n<p><strong>ISO\/IEC TR 27016<\/strong> is the standard that defines organizational economics for information security management.<\/p>\n<p><strong>ISO\/IEC 27017<\/strong> is the standard that provides the code of practice for data protection in cloud computing services, and it depends heavily on ISO 27002.<br \/>\n<strong>ISO\/IEC 27018<\/strong> is the standard that provides the code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, and it depends heavily on ISO 27002.<\/p>\n<p><strong>ISO\/IEC 27033-4<\/strong> is the standard that covers network security \u2013 specifically, how to secure communications between networks using security gateways.<\/p>\n<p><strong>ISO\/IEC 27036-1<\/strong> is the standard that gives an overview and explains the concepts related to information security and supplier relationships.<\/p>\n<p><strong>ISO\/IEC 27036-2<\/strong> is the main standard that describes the requirements 
related to information security for supplier relationships.<\/p>\n<p><strong>ISO\/IEC 27038<\/strong> is the standard that gives specifications for digital redaction \u2013 <em>redaction<\/em> here is the term for the process of denying file recipients knowledge of certain sensitive data within the original files.<\/p>\n<p><strong>ISO\/IEC 27039<\/strong> is the standard that describes selection, deployment and operations of intrusion detection and prevention systems (IDPS).<\/p>\n<p><strong>ISO\/IEC 27043<\/strong> is another standard that deals with incidents, or to be more precise \u2013 with incident investigation principles and processes.<\/p>\n<p><strong>ISO 27701<\/strong> is the standard that provides guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS).<\/p>\n<p>If you\u2019re in this business, you\u2019ll have a lot to read!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Updated: November 16, 2023. If you are working as an ISO 27001 consultant or practitioner, you are probably heavily dependent on the ISO\/IEC 27000-series of standards. Since there are quite a lot of them (see the list here), it is a good idea to keep an eye on the most commonly used ones. 
So, let\u2019s &#8230;<\/p>\n","protected":false},"author":26,"featured_media":88430,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[381,402,524,580],"class_list":["post-4610","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-iso-27001","tag-iso-27002","tag-iso-27005","tag-iso-27004"],"acf":[],"_links":{"self":[{"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4610","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/users\/26"}],"replies":[{"embeddable":true,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/comments?post=4610"}],"version-history":[{"count":1,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4610\/revisions"}],"predecessor-version":[{"id":103309,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/posts\/4610\/revisions\/103309"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/media\/88430"}],"wp:attachment":[{"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/media?parent=4610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/categories?post=4610"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/advisera.com\/27001academy\/wp-json\/wp\/v2\/tags?post=4610"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}