The following ISO27k standards are either published (shown in
red) or works in progress:
ISO/IEC 27000:2009 provides an overview or introduction to the ISO27k standards and defines the specialist vocabulary used throughout the ISO27k series.
ISO/IEC 27001:2005 is the Information Security Management System (ISMS) requirements standard, a specification for an ISMS against which thousands of organizations have been certified compliant.
ISO/IEC 27002:2005 is the code of practice for information security management describing a comprehensive set of information security control objectives and a set of generally accepted good practice security controls.
ISO/IEC 27003:2010 provides implementation guidance for ISO/IEC 27001.
ISO/IEC 27004:2009 is an information security management measurement standard suggesting metrics to improve the effectiveness of an ISMS.
ISO/IEC 27005:2008 is an information security risk management standard with advice on selecting appropriate risk analysis and management tools and methods.
ISO/IEC 27006:2007 is a guide to the certification or registration process for accredited ISMS certification/registration bodies who award ISO/IEC 27001 certificates.
ISO/IEC 27007 will be a guideline for auditing Information Security Management Systems. It is expected to focus on auditing the management system elements.
ISO/IEC TR 27008 will provide guidance on auditing information security controls. It is expected to focus on auditing the information security controls.
ISO/IEC 27010 will be a multi-partite standard providing guidance on information security management for sector-to-sector communications.
ISO/IEC 27011:2008 is the information security management guideline for telecommunications organizations (also known as ITU X.1051).
ISO/IEC 27013 will provide guidance on the integrated implementation of ISO/IEC 20000-1 (IT Service Management) and ISO/IEC 27001 (ISMS).
ISO/IEC 27014 will cover information security governance.
ISO/IEC 27015 will provide information security management systems guidance for financial services organizations.
ISO/IEC 27031 will be an ICT-focused standard on business continuity.
ISO/IEC 27032 will provide guidelines for cybersecurity.
ISO/IEC 27033 will replace the multi-part ISO/IEC 18028 standard on IT network security.
ISO/IEC 27034 will provide guidelines for application security.
ISO/IEC 27035 will replace ISO TR 18044 on security incident management.
ISO/IEC 27036 guideline for security of outsourcing (new project).
ISO/IEC 27037 guideline for digital evidence (new project).

Copyright © 2010 IsecT Ltd.