ISO/IEC 27000:2018
Current
Current
The latest, up-to-date edition.
Information technology — Security techniques — Information security management systems — Overview and vocabulary
Available format(s)
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
Language(s)
English, French
Published date
07-02-2018
Important note : All end users must be registered with an Account prior to user licenses being assigned.
ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, not-for-profit organizations).
The terms and definitions provided in this document
- cover commonly used terms and definitions in the ISMS family of standards;
- do not cover all terms and definitions applied within the ISMS family of standards; and
- do not limit the ISMS family of standards in defining new terms for use.
| Committee |
ISO/IEC JTC 1/SC 27
|
| DocumentType |
Standard
|
| Pages |
27
|
| PublisherName |
International Organization for Standardization
|
| Status |
Current
|
| Supersedes |
| Standards | Relationship |
| EN ISO/IEC 27000:2017 | Identical |
| IS/ISO/IEC 27000 : 2018 | Identical |
| SN EN ISO/IEC 27000:2020 | Identical |
| CSA ISO/IEC 27000:19 | Identical |
| INCITS/ISO/IEC 27000:2018(R2019) | Identical |
| DIN EN ISO/IEC 27000:2020-06 | Identical |
| UNI CEI EN ISO/IEC 27000:2020 | Identical |
| CEI UNI EN ISO/IEC 27000:2020 | Identical |
| PN-EN ISO/IEC 27000:2020-07 | Identical |
| ÖVE/ÖNORM EN ISO/IEC 27000:2020 05 15 | Identical |
| I.S. EN ISO/IEC 27000:2020 | Identical |
| NEN-EN-ISO/IEC 27000:2020 | Identical |
| EN ISO/IEC 27000:2020 | Identical |
| BS EN ISO/IEC 27000:2020 | Identical |
| NF EN ISO/IEC 27000:2020 | Identical |
| UNE-EN ISO/IEC 27000:2021 | Identical |
| ITU-T X.1380 (03/2023) | Security guidelines for cloud-based event data recorders in automotive environments |
| ITU-T X.1411 (03/2023) | Guideline on blockchain as a service (BaaS) security |
| ITU-T X.1382 (03/2023) | Guidelines for sharing security threat information on connected vehicles |
| INCITS/ISO/IEC 27036-1:2014(2019) | Information technology -- Security techniques -- Information security for supplier relationships -- Part 1: Overview and concepts |
| NS-ISO/IEC 42001:2023 | Information technology - Artificial intelligence - Management system |
| AS ISO/IEC 20924:2021 | Internet of Things (IoT) - Vocabulary |
| ISO 19011:2011 | Guidelines for auditing management systems |
| ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
| ISO/IEC 17021:2011 | Conformity assessment Requirements for bodies providing audit and certification of management systems |
| ISO/IEC 27003:2017 | Information technology — Security techniques — Information security management systems — Guidance |
| ISO/IEC 27017:2015 | Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services |
| ISO/IEC 27004:2016 | Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation |
| ISO/IEC TR 27016:2014 | Information technology — Security techniques — Information security management — Organizational economics |
| AS/NZS ISO/IEC 20000.1:2019 | Information technology - Service management Service management system requirements |
| ISO/IEC 27006:2015 | Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems |
| ISO/IEC 27014:2013 | Information technology Security techniques Governance of information security |
| ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
| AS/NZS ISO/IEC 20000.10:2019 | Information technology - Service management Concepts and vocabulary |
| ISO/IEC 27018:2014 | Information technology Security techniques Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors |
| ISO/IEC 27010:2015 | Information technology Security techniques Information security management for inter-sector and inter-organizational communications |
| ISO/IEC 20000-1:2011 | Information technology Service management Part 1: Service management system requirements |
| ISO/IEC 27011:2016 | Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations |
| ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
| ISO/IEC/IEEE 15939:2017 | Systems and software engineering — Measurement process |
| SA/SNZ TR ISO/IEC 38505.2:2019 | Information technology - Governance of IT - Governance of data Implications of ISO/IEC 38505-1 for data management |
| AS/NZS ISO/IEC 20000.2:2020 | Information technology - Service management Guidance on the application of service management systems |
| AS 5205:2019 | Australian Health Contact Centres |
| ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
| ISO/IEC TR 27008:2011 | Information technology Security techniques Guidelines for auditors on information security controls |
| ISO/IEC 27007:2017 | Information technology Security techniques Guidelines for information security management systems auditing |
| ISO/IEC 27013:2015 | Information technology Security techniques Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 |
| ISO/IEC 27009:2016 | Information technology Security techniques Sector-specific application of ISO/IEC 27001 Requirements |
| ISO Guide 73:2009 | Risk management — Vocabulary |
| ISO 27799:2016 | Health informatics Information security management in health using ISO/IEC 27002 |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.