Information Technology-Security Techniques-Requirements for Bodies Providing Audit and Certification on Information Security Management Systems(ISO/IEC 27006:2007, IDT) (ISO/IEC 27006:2007. IDT)
| Series: | Malaysian Standard |
| Publisher: | Malaysia SIRIM 2007 |
| Subject: | Quality control--Malaysia--Standards, Information technology |
| Pages: | 36 pages |
| Binding: | Softcover |
| Call No: | Ref TS156.6 M35 2007 |
ISO/IEC 27006:2007 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.
The requirements contained in ISO/IEC 27006:2007 need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in ISO/IEC 27006:2007 provides additional interpretation of these requirements for any body providing ISMS certification.