BAS EN ISO/IEC 27007:2023

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing

General Information

Status: Published

No. of pages: 43

Language: English

Edition: 1.

Adoption method: Endorsment

Publication date: 26.06.2023

Technical committee:

BAS/TC 1, Information technology

ICS:

03.120.20, Product and company certification. Conformity assessment;
03.100.70, Management systems;
35.030, IT Security

...

Abstract

ISO/IEC 27007 provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011. ISO/IEC 27007 is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

Lifecycle

...

Original document and degree of correspondence

EN ISO/IEC 27007:2022, identical
ISO/IEC 27007:2020, identical

Relation to BAS standards

BAS EN ISO/IEC 27007:2023

replaces

BAS ISO/IEC 27007:2021