ISO/IEC 27001:2013
 




Information technology - Security techniques - Information security management systems - Requirements

 




Abstract



ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
 

General information

Status: Published
Publication date: 2013-10
Edition: 2
Number of pages: 23
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
ICS: 35.030 IT Security; 03.100.70 Management systems








 








 









People also bought

ISO/IEC 27000:2018: Information technology - Security techniques - Information security management systems - Overview and vocabulary
ISO/IEC 27002:2013 [Withdrawn]: Information technology - Security techniques - Code of practice for information security controls
ISO/IEC 27005:2018: Information technology - Security techniques - Information security risk management
 






Life cycle

Previously: Withdrawn: ISO/IEC 27001:2005
Now: Published: ISO/IEC 27001:2013

A standard is reviewed every 5 years.

00 Preliminary

10 Proposal
10.99  2009-05-19  New project approved

20 Preparatory
20.00  2010-05-28  New project registered in TC/SC work programme
20.20  2010-05-28  Working draft (WD) study initiated
20.60  2010-09-03  Close of comment period
20.20  2010-11-25  Working draft (WD) study initiated
20.60  2011-02-28  Close of comment period
20.99  2011-03-01  WD approved for registration as CD

30 Committee
30.00  2011-06-08  Committee draft (CD) registered
30.20  2011-06-08  CD study/ballot initiated
30.60  2011-09-09  Close of voting/comment period
30.92  2011-11-21  CD referred back to Working Group
30.20  2011-11-21  CD study/ballot initiated
30.60  2012-02-29  Close of voting/comment period
30.92  2012-06-20  CD referred back to Working Group
30.20  2012-06-20  CD study/ballot initiated
30.60  2012-09-22  Close of voting/comment period
30.99  2012-11-12  CD approved for registration as DIS

40 Enquiry
40.00  2012-11-13  DIS registered
40.20  2013-01-16  DIS ballot initiated: 12 weeks
40.60  2013-04-18  Close of voting
40.99  2013-05-22  Full report circulated: DIS approved for registration as FDIS

50 Approval
50.00  2013-05-22  Final text received or FDIS registered for formal approval
50.20  2013-07-03  Proof sent to secretariat or FDIS ballot initiated: 8 weeks
50.60  2013-09-05  Close of voting. Proof returned by secretariat

60 Publication
60.00  2013-09-16  International Standard under publication
60.60  2013-09-25  International Standard published

90 Review
90.20  2018-07-15  International Standard under systematic review
90.60  2018-12-04  Close of review
90.93  2019-06-03  International Standard confirmed
90.92  2022-05-30  International Standard to be revised
90.93  International Standard confirmed
90.99  Withdrawal of International Standard proposed by TC or SC

95 Withdrawal
95.99  Withdrawal of International Standard
 



Corrigenda / Amendments

Published: ISO/IEC 27001:2013/Cor 1:2014
Published: ISO/IEC 27001:2013/DAmd 1
Published: ISO/IEC 27001:2013/Cor 2:2015

Revised by

Under development: ISO/IEC 27001
 








 



 





