US ISO/IEC 27003:2010

Information technology - Security techniques - Information security management system implementation guidance


Abstract

This Uganda Standard focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the process of ISMS specification and design from inception to the production of implementation plans. It describes the process of obtaining management approval to implement an ISMS, defines a project to implement an ISMS (referred to in this International Standard as the ISMS project), and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan. This standard is intended to be used by organizations implementing an ISMS. It is applicable to all types of organization (e.g. commercial enterprises, government agencies, non-profit organizations) of all sizes. Each organization's complexity and risks are unique, and its specific requirements will drive the ISMS implementation. Smaller organizations will find that the activities noted in this International Standard are applicable to them and can be simplified. Large-scale or complex organizations might find that a layered organization or management system is needed to manage the activities in this International Standard effectively. However, in both cases, the relevant activities can be planned by applying this standard. This standard gives recommendations and explanations; it does not specify any requirements. This standard is intended to be used in conjunction with ISO/IEC 27001 and ISO/IEC 27002, but is not intended to modify and/or reduce the requirements specified in ISO/IEC 27001 or the recommendations provided in ISO/IEC 27002.

This Standard was withdrawn and replaced by:

  US ISO/IEC 27003:2017
