information security
Related links
Public Policies and Standards
- ISO - ISO Standards - JTC 1/SC 27 - IT Security techniques
ISO/IEC 27000 (Information technology -- Security techniques) Family of Standards:
- ISO/IEC 27001:2013 -- Information security management systems -- Requirements
- ISO/IEC 27000:2009 -- Information security management systems -- Overview and vocabulary
- ISO/IEC 27003:2010 -- Information security management system implementation guidance
- ISO/IEC 27004:2009 -- Information security management -- Measurement
- ISO/IEC 27005:2011 -- Information security risk management
- ISO/IEC 27006:2011 -- Requirements for bodies providing audit and certification of information security management systems
- ISO/IEC 27007:2011 -- Guidelines for information security management systems auditing
- ISO/IEC TR 27008:2011 -- Guidelines for auditors on information security controls
- ISO/IEC 27011:2008 -- Information security management guidelines for telecommunications organizations based on ISO/IEC 27002
- ISO/IEC 27018:2014 -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
- ISO/IEC 27031:2011 -- Guidelines for information and communication technology readiness for business continuity
- ISO/IEC 27033-1:2009 -- Network security -- Part 1: Overview and concepts
- ISO/IEC 27033-3:2010 -- Network security -- Part 3: Reference networking scenarios -- Threats, design techniques and control issues
- ISO/IEC 27034-1:2011 -- Application security -- Part 1: Overview and concepts
- ISO/IEC 27035:2011 -- Information security incident management
- BSI Group - ISO/IEC 27001 Information Security
- Documents on IT Security Policy and Guidelines, Office of the Government Chief Information Officer, HKSAR