Abstract
This article presents ISO's most successful information security standard, ISO/IEC 27001, together with the other standards in the family of information security standards, the so-called ISO/IEC 2700x family of information security management system (ISMS) standards and guidelines. We take a brief look at the history and progress of these standards, where they originated from and how they became the common language of organizations around the world for engaging in business securely. We then take a tour through the different types of standard that are included in the ISMS family and how they relate and fit together, and we conclude with a short presentation of ISMS third-party certification. The material used in this article has been derived directly from the many articles and books by Prof. Humphreys on the ISO/IEC 2700x ISMS family and on how these standards are implemented and applied in practice in the business, commerce and government sectors.
Bibliography
Humphreys, Edward (2008), Implementing the ISO/IEC 27001 Information Security Management System Standard (Information Security and Privacy Series), pub. Artech House
Humphreys, Edward (2010), Information Security Risk Management — Handbook for ISO/IEC 27001, Pub. BSI British Standards Institution
Butler-Stewart, James (2009), Father of ISMS Standards (BS 7799-1 | ISO/IEC 27002 & BS 7799-2 | ISO/IEC 27001), Pub. Infosec Publications, Australia, India and USA
Humphreys, Edward (2010), ISO/IEC 27001 Information Security Management Systems: An easy-to-use ISO/IEC 27001 guide for the small business, Pub. ISO
Humphreys, Edward and Plate, Angelika (2005), Are you ready for an ISMS Audit based on ISO/IEC 27001? Pub. BSI British Standards Institution
Humphreys, Edward and Plate, Angelika (2005), Guidelines on Requirements and Preparation for ISMS Certification Based on ISO/IEC 27001, Pub. BSI British Standards Institution
Humphreys, Edward (2009), Implementation of ISO/IEC 27001, Pub. MIQA, London
Humphreys, Edward and Plate, Angelika (2010), ROSI and ISO/IEC 27001, Pub. Risk Publications Associates, LA, USA
Humphreys, Edward and Plate, Angelika (2008), Pub. BSI British Standards Institution
Humphreys, Edward and Plate, Angelika (2007), ISMS Metrics, Pub. MIQA, London
Humphreys, Edward and Plate, Angelika (2006), Measuring the Effectiveness of your ISMS implementation based on ISO/IEC 27001, Pub. BSI British Standards Institution
Author information
Prof. Edward Humphreys is the convenor of ISO/IEC JTC 1/SC 27/WG 1, the working group responsible for the development and maintenance of the ISMS family of standards.
Cite this article
Humphreys, E. Information security management system standards. DuD 35, 7–11 (2011). https://doi.org/10.1007/s11623-011-0004-3