Back

ISO/IEC TS 27008:2019

Information technology -- Security techniques -- Guidelines for the assessment of information security controls

General information
Valid from 14.01.2019
Directives or regulations
None

Standard history

Status
Date
Type
Name
14.01.2019
Main
06.10.2011
Main
This document provides guidance on reviewing and assessing the implementation and operation of information security controls, including the technical assessment of information system controls, in compliance with an organization's established information security requirements including technical compliance against assessment criteria based on the information security requirements established by the organization.
This document offers guidance on how to review and assess information security controls being managed through an Information Security Management System specified by ISO/IEC 27001.
It is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks.
*
*
*
PDF
283.20 € incl tax
Paper
283.20 € incl tax
Standard monitoring

Customers who bought this item also bought

Main

EVS-EN ISO/IEC 27007:2022

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020)
Newest version Valid from 01.02.2022
Main

EVS-ISO/IEC 27003:2021

Information technology - Security techniques -- Information security management systems -- Guidance (ISO/IEC 27003:2017, identical)
Newest version Valid from 03.05.2021
Main

EVS-EN ISO/IEC 27002:2022

Information security, cybersecurity and privacy protection - Information security controls (ISO/IEC 27002:2022)
Newest version Valid from 01.12.2022
Main

EVS-EN ISO/IEC 27001:2023

Information security, cybersecurity and privacy protection - Information security management systems - Requirements (ISO/IEC 27001:2022)
Newest version Valid from 15.08.2023