New ISO standard for enhanced information security
Information security management system standard, ISO/IEC 27001 has been revised to deal with today’s risks.
A revised version of information security management system standard ISO/IEC 27001 – ISO/IEC 27001:2013 – is now available. The standard helps companies secure their information assets.
In the revised standard a number of improvements have been made to the security controls listed in Annex A to ensure that the standard remains current and is able to deal with today’s risks, namely identity theft, risks related to mobile devices and other online vulnerabilities, Edward Humphries, convener of the working group responsible for developing and maintaining the standard, states.
Another major change to the standard is the fact that it now fits the new high-level structure used in all management system standards. This has been put in place to help organisations that are implementing more than one management system standard at a time. It will also be of benefit to auditors who certify organisations that are using more than one such standard.
ISO/IEC 27001:2013 is available in the ISO Store in paper, pdf and ePub version.