ISO/IEC TS 27008:2019

Information technology - Security techniques - Guidelines for the assessment of information security controls

ISO/IEC JTC 1/SC 27
Additional information

Abstract

ISO/IEC TS 27008:2019 This document provides guidance on reviewing and assessing the implementation and operation of information security controls, including the technical assessment of information system controls, in compliance with an organization's established information security requirements including technical compliance against assessment criteria based on the information security requirements established by the organization.
This document offers guidance on how to review and assess information security controls being managed through an Information Security Management System specified by ISO/IEC 27001.
It is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks.

Look inside

Relevant for

cyber security

smart city

Additional information

Publication type	Technical Specification
Publication date	2019-01-14
Edition	1.0
Available language(s)	English
TC/SC	ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection rss
ICS	03.100.70 - Management systems 35.030 - IT Security
Pages	91
File size	3320 KB

The following test report forms are related:

Share this page

Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.

Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 16:00 CET Monday to Friday.