Information technology -- Security techniques -- Information security management systems -- Requirements
AbstractISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.
Share your publications
Learn how to share your publications with your colleagues, using networking options.
Our prices are in Swiss francs (CHF). The following credit cards are accepted: American express, Mastercard and Visa. Request a pro forma to pay by bank transfer.
Keep in touch
Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.
Contact customer services
Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 17:00 CET Monday to Friday.