jueves, 4 de febrero de 2010

ISO/IEC 27003:2010 - Guía de implantación de un SGSI

El pasado 3 de febrero ISO publico un nuevo integrante de la familia ISO 27000:
Information technology -- Security techniques -- Information security management system implementation guidance

Abstract

ISO/IEC 27003:2010 focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the process of ISMS specification and design from inception to the production of implementation plans.
It describes the process of obtaining management approval to implement an ISMS, defines a project to implement an ISMS (referred to in ISO/IEC 27003:2010 as the ISMS project), and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan.

No hay comentarios: