Information technology, cybersecurity and privacy protection - Requirements for bodies providing audit and certification of information security management systems - Part 1: General (ISO/IEC DIS 27006-1.2:2023); German and English version prEN ISO/IEC 27006-1:2023
Abstract
ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification. NOTE: This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.
Begin
2022-05-05
WI
JT013050
Planned document number
DIN EN ISO/IEC 27006-1
Project number
04301018
Responsible national committee
NA 043-04-27-01 AK - Requirements, services and principles for IT Security management systems
Responsible European committee
CEN/CLC/JTC 13 - Cybersecurity and Data Protection
Responsible international committee
ISO/IEC JTC 1/SC 27/WG 1 - Information security management systems
Draft standard
Requirements for bodies providing audit and certification of information security management systems - Part 1: General (ISO/IEC DIS 27006-1:2022); German and English version prEN ISO/IEC 27006-1:2022
2022-08
Information technology, cybersecurity and privacy protection - Requirements for bodies providing audit and certification of information security management systems - Part 1: General (ISO/IEC DIS 27006-1.2:2023); German and English version prEN ISO/IEC 27006-1:2023
2023-05