
The following ISO27k standards are either published (shown in red) or works in progress:


ISO/IEC 27000:2009 provides an overview or introduction to the ISO27k standards and defines the specialist vocabulary used throughout the ISO27k series.
ISO/IEC 27001:2005 is the Information Security Management System (ISMS) requirements standard, a specification for an ISMS against which thousands of organizations have been certified compliant.
ISO/IEC 27002:2005 is the code of practice for information security management describing a comprehensive set of information security control objectives and a set of generally accepted good practice security controls.
ISO/IEC 27003:2010 provides implementation guidance for ISO/IEC 27001.
ISO/IEC 27004:2009 is an information security management measurement standard suggesting metrics to improve the effectiveness of an ISMS.
ISO/IEC 27005:2008 is an information security risk management standard with advice on selecting appropriate risk analysis and management tools and methods.
ISO/IEC 27006:2007 is a guide to the certification or registration process for accredited ISMS certification/registration bodies who award ISO/IEC 27001 certificates.
ISO/IEC 27007 will be a guideline for auditing Information Security Management Systems. It is expected to focus on auditing the management system elements.
ISO/IEC TR 27008 will provide guidance on auditing information security controls. It is expected to focus on auditing the information security controls.
ISO/IEC 27010 will be a multi-partite standard providing guidance on information security management for sector-to-sector communications.
ISO/IEC 27011:2008 is the information security management guideline for telecommunications organizations (also known as ITU X.1051).
ISO/IEC 27013 will provide guidance on the integrated implementation of ISO/IEC 20000-1 (IT Service Management) and ISO/IEC 27001 (ISMS).
ISO/IEC 27014 will cover information security governance.
ISO/IEC 27015 will provide information security management systems guidance for financial services organizations.
ISO/IEC 27031 will be an ICT-focused standard on business continuity.
ISO/IEC 27032 will provide guidelines for cybersecurity.
ISO/IEC 27033 will replace the multi-part ISO/IEC 18028 standard on IT network security.
ISO/IEC 27034 will provide guidelines for application security.
ISO/IEC 27035 will replace ISO TR 18044 on security incident management.
Copyright © 2010 IsecT Ltd.
ISO/IEC 27036 guideline for security of outsourcing (new project).
ISO/IEC 27037 guideline for digital evidence (new project).