Structure of the ISO/IEC 27001 standard family

December 1, 2013 | Vinastar Consulting

The ISO/IEC 27000 family is a set of information security standards made up of multiple mutually supporting documents. ISO/IEC 27001 is the core standard, and the one that organizations can be certified against.

Key standards in the ISO 27000 family

  • ISO/IEC 27000 — Overview and vocabulary
  • ISO/IEC 27001 — Management system requirements (certifiable)
  • ISO/IEC 27002 — Guidance for applying controls
  • ISO/IEC 27003 — Implementation guidance
  • ISO/IEC 27004 — Monitoring and measurement
  • ISO/IEC 27005 — Information security risk management
  • ISO/IEC 27701 — Privacy extension

Organizations can be certified only against ISO/IEC 27001. All other standards in the family are guidance documents that support implementation.
