ISO/IEC 27001:2013

By: 6clicks

Details

This download includes the ISO 27001 mandatory requirements only so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set.

ISO 27001 (ISO/IEC 27001:2013) is the international standard that provides the specification for an information security management system (ISMS). The latest version was published in October 2013.

This standard has been licensed from Standards Australia under Licence No. CL 12206cl for use internally in the 6clicks platform only. This content is made available on a view-only basis for the purpose of linking to questions (in an Assessment) and controls (in a Control Set). Use or reproduction of this content outside of the 6clicks platform must be in accordance with your own Standards Australia Licence.

As a condition of use for the download of this particular marketplace item, we request that you hold your own suitable licence from the relevant body for your use of this content.

The Standard is designed to help organisations manage their information security processes in line with international best practice while optimising costs. It is technology and vendor neutral and is applicable to all organisations - irrespective of their size, type or nature.

The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle them.

The mandatory requirements are outlined in sections 4-10 of the Standard. There are 27 clauses in total, each with multiple sub-requirements, and they are summarised below.

4 Context of the organisation

5 Leadership

6 Planning

7 Support

8 Operation

9 Performance evaluation

10 Improvement

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

Jurisdiction: All
Type: Control, Laws or related obligations