- ISO/IEC 27006
ISO/IEC 27006 part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series' is an
information securitystandard published by the International Organization for Standardization(ISO) and the International Electrotechnical Commission(IEC). Its 2007 edition is entitled "Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems".
ISO/IEC 27006 offers guidelines for the accreditation of organizations which offer certification and registration with respect to an ISMS. ISO/IEC 27006 effectively replaces EA 7/03 (Guidelines for the Accreditation of bodies operating certification/ registration of. Information Security Management Systems).
Outline of the Standard
The standard contains the following ten sections:
*2: Normative references;
*3: Terms and definitions;
*5: General requirements;
*6: Structural requirements;
*7: Resource requirements;
*8: Information requirements;
*9: Process requirements;
*10: Management system requirements for certification bodies.
* [http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=42505&ICS1=35&ICS2=40&ICS3= ISO Website]
Wikimedia Foundation. 2010.