iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC FDIS 27006-1

(Main)

Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General

Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification. NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

Sécurité de l'information, cybersécurité et protection de la vie privée — Exigences pour les organismes procédant à l'audit et à la certification des systèmes de management de la sécurité de l'information — Partie 1: Généralités

La présente Norme internationale spécifie les exigences et fournit des recommandations pour les organismes procédant à l'audit et à la certification d'un système de management de la sécurité de l'information (SMSI), en plus des exigences contenues dans l'ISO/IEC 17021‑1 et l'ISO/IEC 27001. Elle a pour principal objet de soutenir l'accréditation des organismes de certification qui procèdent à la certification de SMSI. Il est nécessaire que tout organisme qui procède à la certification de SMSI démontre qu'il respecte les exigences stipulées dans la présente Norme internationale en termes de compétences et de fiabilité, et les recommandations contenues dans la présente Norme internationale fournissent une interprétation supplémentaire de ces exigences pour tout organisme procédant à la certification de SMSI. NOTE La présente Norme internationale peut être utilisée comme référentiel pour l'accréditation, l'évaluation par des pairs ou d'autres processus d'audit.

General Information

Status
Not Published
ICS
03.120.20 - Product and company certification. Conformity assessment
35.030 - IT Security
Technical Committee
ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection
Drafting Committee
ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection
Current Stage
5020 - FDIS ballot initiated: 2 months. Proof sent to secretariat
Start Date
02-Nov-2023
Completion Date
02-Nov-2023
Ref Project

Relations

Consolidates
ISO 11119-3:2020 - Gas cylinders — Design, construction and testing of refillable composite gas cylinders and tubes — Part 3: Fully wrapped fibre reinforced composite gas cylinders and tubes up to 450 l with non-load-sharing metallic or non-metallic liners or without liners
Effective Date
06-Jun-2022
Revises
ISO/IEC 27006:2015/Amd 1:2020 - Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems — Amendment 1
Effective Date
06-Jun-2022
Revises
ISO/IEC 27006:2015 - Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
Effective Date
06-Jun-2022

Buy Standard

ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023
PreviousNext
Draft
ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023
English language
49 pages
sale 15% off
Preview
sale 15% off
Preview
REDLINE ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023REDLINE ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023
PreviousNext
Draft
REDLINE ISO/IEC FDIS 27006-1 - Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems — Part 1: General Released:19. 10. 2023
English language
49 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

FINAL
INTERNATIONAL ISO/IEC
DRAFT
STANDARD FDIS
27006-1
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
2023-11-02 Requirements for bodies providing
audit and certification of information
Voting terminates on:
2023-12-28
security management systems —
Part 1:
General
ISO/CEN PARALLEL PROCESSING
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/IEC FDIS 27006-1:2023(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO/IEC 2023

---------------------- Page: 1 ----------------------
ISO/IEC FDIS 27006-1:2023(E)
FINAL
INTERNATIONAL ISO/IEC
DRAFT
STANDARD FDIS
27006-1
ISO/IEC JTC 1/SC 27
Information security, cybersecurity
Secretariat: DIN
and privacy protection —
Voting begins on:
Requirements for bodies providing
audit and certification of information
Voting terminates on:
security management systems —
Part 1:
General
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2023
ISO/CEN PARALLEL PROCESSING
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
RECIPIENTS OF THIS DRAFT ARE INVITED TO
ISO copyright office
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
CP 401 • Ch. de Blandonnet 8
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
CH-1214 Vernier, Geneva
DOCUMENTATION.
Phone: +41 22 749 01 11
IN ADDITION TO THEIR EVALUATION AS
Reference number
Email: copyright@iso.org
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO­
ISO/IEC FDIS 27006­1:2023(E)
Website: www.iso.org
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
Published in Switzerland
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN­
DARDS TO WHICH REFERENCE MAY BE MADE IN
ii
  © ISO/IEC 2023 – All rights reserved
NATIONAL REGULATIONS. © ISO/IEC 2023

---------------------- Page: 2 ----------------------
ISO/IEC FDIS 27006-1:2023(E)
Contents Page
Foreword .v
Introduction .vii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Principles . 4
5 General requirements . 5
5.1 L egal and contractual matters . 5
5.2 Management of impartiality . 5
5.2.1 General . 5
5.2.2 Conflicts of interest.
...

Style Definition: Heading 1: Indent: Left: 0 cm, First line: 0
Date: ISO/IEC FDIS 27006-1:2023-08-08(E)
cm, Tab stops: Not at 0.76 cm
Style Definition: Heading 2: Font: Bold, Tab stops: Not at
ISO/IEC JTC 1/SC 27
0.63 cm
Style Definition: Heading 3: Font: Bold
Date: 2023-08-09
Style Definition: Heading 4: Font: Bold
ISO/IEC DIS 27006-1.2:2023(E)
Style Definition: Heading 5: Font: Bold
Style Definition: Heading 6: Font: Bold
ISO/IEC JTC 1/SC 27/WG 1
Style Definition: ANNEX
Style Definition: AMEND Terms Heading: Font: Bold
Secretariat: DIN
Style Definition: AMEND Heading 1 Unnumbered: Font: Bold
Date: 2023-10-18
Formatted: Left: 1.5 cm, Top: 1.4 cm, Footer distance from
edge: 0.5 cm
Information security, cybersecurity and privacy protection — Requirements for bodies
Formatted: English (United Kingdom)
providing audit and certification of information security management systems — Part 1:
Formatted: English (United Kingdom)
General
Formatted: Don't adjust space between Latin and Asian text,
Don't adjust space between Asian text and numbers
Exigences pour les organismes procédant à l'audit et à la certification des systèmes de
management de la sécurité de l'information — Partie 1 : Généralités

---------------------- Page: 1 ----------------------
ISO/IEC DIS FDIS 27006-1:2023(E)
Formatted: Font: 11.5 pt
Formatted: Font: 11.5 pt
© ISO/IEC 2023 Formatted: Adjust space between Latin and Asian text,
Adjust space between Asian text and numbers
All rights reserved. Unless otherwise specified, or required in the context of its implementation, Formatted: Default Paragraph Font
no part of this publication may be reproduced or utilized otherwise in any form or by any means,
Formatted: Default Paragraph Font
electronic or mechanical, including photocopying, or posting on the internet or an intranet,
without prior written permission. Permission can be requested from either ISO at the address
below or ISO’sISO's member body in the country of the requester.
ISO copyright officeCopyright Office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva Formatted: Adjust space between Latin and Asian text,
Adjust space between Asian text and numbers
Phone: + 41 22 749 01 11
Email: copyright@iso.org
Email: copyright@iso.org
Website: www.iso.orgwww.iso.org Formatted: Adjust space between Latin and Asian text,
Adjust space between Asian text and numbers
Published in Switzerland.
Formatted: English (United Kingdom)
Formatted: Font: 9 pt
Formatted: Left, Space Before: 18 pt, Line spacing: Exactly
12 pt
Formatted: English (United Kingdom)
Formatted: Font: 9 pt
Formatted: Font: 9 pt
Formatted: Font: 9 pt
Formatted: Font: 11 pt
Formatted: Space Before: 18 pt, Line spacing: Exactly 12 pt
ii © ISO/IEC 2023 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC DIS FDIS 27006-1:2023(E)
Formatted: Font: 11.5 pt
Formatted: Font: 11.5 pt
Formatted: Font: Not Bold
Contents Page
Foreword . 6
Introduction . 8
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Principles . 5
5 General requirements . 5
5.1 Legal and contractual matters . 5
5.2 Management of impartiality . 5
5.2.1 General . 5
5.2.2 Conflicts of interest . 5
5.3 Liability and financing . 5
6 Structural req
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TS 27006-2:2021(Main)
Requirements for bodies providing audit and certification of information security management systems — Part 2: Privacy information management systems

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS certification. The requirements contained in this document need to be demonstrated in terms of competence and reliability by anybody providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
ISO
ISO/IEC 27007:2020(Main)
Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing

This document provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011. This document is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

  • Standard
    39 pages
    English language
    sale 15% off
  • Standard
    42 pages
    French language
    sale 15% off
ISO
ISO/IEC 27006:2015(Main)
Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
SIST ISO/IEC 27006:2018

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification. NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    41 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    35 pages
    English language
    sale 15% off
  • Standard
    39 pages
    French language
    sale 15% off
  • Standard
    35 pages
    Arabic language
    sale 15% off
ISO
ISO/IEC TS 27006-2:2021(Main)
Requirements for bodies providing audit and certification of information security management systems — Part 2: Privacy information management systems

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS certification. The requirements contained in this document need to be demonstrated in terms of competence and reliability by anybody providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Technical specification
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
ISO
ISO/IEC 27007:2020(Main)
Information security, cybersecurity and privacy protection — Guidelines for information security management systems auditing

This document provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011. This document is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

  • Standard
    39 pages
    English language
    sale 15% off
  • Standard
    42 pages
    French language
    sale 15% off
ISO
ISO/IEC 27006:2015(Main)
Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
SIST ISO/IEC 27006:2018

ISO/IEC 27006:2015 specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021‑1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification. The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification. NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

  • Standard
    41 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    35 pages
    English language
    sale 15% off
  • Standard
    39 pages
    French language
    sale 15% off
  • Standard
    35 pages
    Arabic language
    sale 15% off
ISO
ISO 21978:2023(Main)
Air to water heat pumps — Testing and rating at part load conditions and calculation of seasonal coefficient of performance for space heating

This document specifies test conditions for determining the seasonal performance characteristics of air to water heat pumps for space heating with electrically driven compressors with or without supplementary heater. In the case of air to water heat pumps for space heating consisting of several parts with refrigerant or water connections, this document applies only to those designed and supplied as a complete package. The seasonal coefficient of performance depends, inter alia, on the climate conditions and temperature regime of the space heating distribution network. This document specifies: — three design conditions, each of them being characterized by a design temperature which represents the lowest temperature that can occur in that design condition; — three water temperature distribution regimes, namely “temperature application” in the text. This document also provides a full description of three heating seasons that can be used with the associated design conditions.

  • Standard
    50 pages
    English language
    sale 15% off
  • Draft
    49 pages
    English language
    sale 15% off
  • Draft
    49 pages
    English language
    sale 15% off
ISO
ISO 24438:2023(Main)
Ships and marine technology — Maritime education and training — Maritime career guidance

This document provides a powerful decision-making tool for persons that either have clear professional development goals or uncertainties related to the progression of their career paths, including minimum education and training requirements for many of the maritime-related occupations. It aims to assist candidates to take the necessary steps to meet their goals. This document seeks to assist professionals in (or those who would like to enter) the maritime sector, on board or ashore, in determining their professional goals, establishing how to achieve them through this proactive tool, taking into consideration: — personal circumstances and academic background; — previous work experience, knowledge and skills; — short, medium and long-term ambitions; — changing education and training requirements resulting from continual industry evolution; — current and future job opportunities, — impact of technology, and — shifting personal interests, attitudes, abilities, and goals. This document helps identify many of the potential jobs within the maritime industry, on board and ashore, in order to provide alternative career paths.

  • Standard
    17 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
  • Draft
    16 pages
    English language
    sale 15% off
ISO
ISO 3951-6:2023(Main)
Sampling procedures for inspection by variables — Part 6: Specification for single sampling plans for isolated lot inspection indexed by limiting quality (LQ)

This document specifies an acceptance sampling system of single sampling plans for inspection by variables, primarily designed for use under the following conditions: a) where the inspection procedure is applied to an isolated lot of discrete products all supplied by one producer using one production process; b) where only a single quality characteristic, x, of this process is taken into consideration, which is measurable on a continuous scale; c) where the quality characteristic, x, is distributed according to a normal distribution or a close approximation to a normal distribution; d) where the quality characteristic can be measured without error or with moderate measurement error; e) where a contract or standard defines a lower specification limit, L, an upper specification limit, U, or both; an item is qualified as conforming if and only if its measured quality characteristic, x, satisfies the appropriate one of the following inequalities: 1) x ≥ L (i.e. the lower specification limit is not violated); 2) x ≤ U (i.e. the upper specification limit is not violated); 3) x ≥ L and x ≤ U (i.e. neither the lower nor the upper specification limit is violated). Inequalities 1) and 2) are cases with a single specification limit, whereas inequality 3) is a case with double specification limits. Where double specification limits apply, it is assumed in this document that conformance to both specification limits is equally important to the integrity of the product. In such cases, it is appropriate to apply a single LQ to the combined fraction of a product outside the two specification limits. This is referred to as combined control.

  • Standard
    80 pages
    English language
    sale 15% off
  • Draft
    82 pages
    English language
    sale 15% off
  • Draft
    82 pages
    English language
    sale 15% off
ISO
ISO 16478:2023(Main)
Thermal insulation products — Vacuum insulation panels (VIPs) — Specification

This document: — defines requirements for vacuum insulation panels (VIPs) with silica or glass fibre core, which are used for thermal insulation of buildings; — outlines required product properties, their performance, test methods and rules for conformity evaluations, identification and labelling; — provides a test method to determine ageing factors and the influence of the linear thermal bridges at the edges. This document is applicable to all types of silica and glass fibre core VIPs, independent of the type of envelope. In the case of a glass fibre core VIP, it is only applicable to VIPs with desiccants whose service life is ≥ 25 years. This document is not applicable to: — any specific installation and application requirements; — products intended to be used for the insulation of building equipment and industrial installations.

  • Standard
    52 pages
    English language
    sale 15% off
  • Draft
    52 pages
    English language
    sale 15% off
  • Draft
    52 pages
    English language
    sale 15% off